ascf news review - august 2012 - part i

Download ASCF News Review - August 2012 - Part I

Post on 25-Mar-2016

214 views

Category:

Documents

2 download

Embed Size (px)

DESCRIPTION

 

TRANSCRIPT

  • AMERICAN SECURITY COUNCIL FOUNDATION

    National Security Report

    Promoting Peace through Strength

    In This Issue:

    The Invisible Threat By Alan W. Dowd

    ASCF Senior Fellow

  • Volume 1III, Issue VIIIAugust 2012 Page 2

    What if Americas enemies were probing the Pentagon for weak-

    nesses, sabotaging the governments ability to protect the country,

    stealing sensitive information and even planting time bombs that

    could cripple the country? Most of us would say America is under

    attack. And wed be right. Whatever we call it, something not too

    dissimilar is happening in cyberspace, as a disparate collection of

    individuals, groups and foreign governments take aim at Americas

    information infrastructureour countrys nervous system.

    To get a sense of how vulnerable our information infrastructure is

    to foreign exploitation and attack, consider an all-too-real sce-

    nario:

    You wake up tomorrow morning, turn the TV to your favorite

    morning news show, and boot up your laptop while you begin checking the messages on your cell phone. But your cell phone is

    dead. The Internet works, but the websites of your favorite newspapers dont. Only a handful of TV stationsall local channels

    are broadcasting. And all of them are warning viewers to boil water before drinking it, due to the failure of water-treatment fa-

    cilities. A scrolling statement along the bottom of the screen announces that several major banks are unable to open due to com-

    puter problems; electrical-power grids in the Northeast have gone dark; and automatic failsafe procedures have kicked in at sev-

    eral airports, snarling air travel across the country. Hospitals and groceries, gas stations and seaports, are shut down and cut off.

    Scrambling for information, you turn on the radio and hear reports that the United States has been hit by a massive cyberattack

    of unknown origin. A hurriedly crafted White House statement announces that the president has been moved to an undisclosed

    location. You race back to your computer to email friends in other parts of the country, but now, aside from the words Unable

    to connect to the Internet, the screen is blank. America is blind, panicked and under attack.

    Web War I

    Defense Secretary Leon Panetta has described this sort of cyberattack as the next Pearl Harbor. But that may be an understate-

    ment. Unlike Pearl Harbor, which decimated the Pacific fleet but left Americas vast industrial, communications and utilities infra-

    structure untouched, an orchestrated cyberattack could cripple our power grid, freeze our financial system, blind our military

    and scramble our communications networksmixing the very worst of Pearl Harbor, 9/11, the 2003 Northeast Blackout and the

    2008 economic crash.

    If that sounds overly dramatic or alarmist, just consider Estonia, which weathered what some call Web War I in 2007. It started

    when Russian nationalists unleashed a withering volley of distributed denial of service attacks that disabled Internet-

    dependent systems across the country, including networks supporting government agencies, media outlets, the mobile-phone

    system, the 9-1-1 equivalent and the countrys largest bank. In laymans terms, the attackers crashed networks with countless

    computer-generated zombie hits, flooded servers with junk data, and, as The International Herald Tribune explained, over-

    whelmed the routers and switchesthat direct traffic on the network.

    Cyber-attacks are a form of offensive action that can paralyze, weaken, harm a nation-state, Estonian president Toomas

    Hendrik Ilves explained following the three-week cyber-siege of his country.

    A year after Estonia, Russian cyber-militiamen launched a digital invasion ahead of the Russian militarys ground invasion of

    Georgia, crippling government networks, hijacking servers and slowing Georgias ability to respond.

    In 2009, hackers from the former Soviet Union, bankrolled by Hezbollah and Hamas, carried out cyberattacks against Israel. As

    the Israeli newspaper Haaretz reported, The Home Front Commands site, which instructs citizens how to protect themselves

    from attacks, was down for three hours.

  • Page 3 Peace through Strength

    www.ascfusa.org

    Russia is not the only culpritand the list of victims is not limited to our friends in Estonia, Georgia and Israel. Gen. Keith Alexander, commander of U.S. Cyber Command (CYBERCOM), notes that over 100 countries have network-exploitation capabilitiesin 2011 the number of cyberattacks rose 44 percentthe number of attacks on U.S. critical infrastructure went from nine in 2009 to over 160 in 2011.

    Many of those attacks are emanating from China.

    Beijing encourages hundreds of quasi-independent hacker teams and even trains some at Chinese military bases. In fact, the Pentagon concluded in 2007 that the Peoples Liberation Army (PLA) has established information warfare units to de-velop viruses to attack enemy computer systems and networks.

    Germany blames hackers linked to the PLA for massive cyberattacks against the chancellery and foreign ministry. One Ger-

    man official even used the phrase Chinese cyberwar in describing the attacks.

    In 2007, the Pentagon was forced to disable computer systems serving the Office of Secretary of Defense, after it was dis-

    covered that the PLA had hacked into the system. Chinese hackers have attacked government ministries in Europe, Japan, India, Taiwan, South Korea, Australia and dozens of other countries; penetrated computer systems at U.S. defense firms, the White House, State Department and NASA; and planted computer components in the United States with Trojan horse codes that could be activated to destroy or disable real-world facilities. If we go to war with them, they will try to turn them on, an intelligence official told The Wall Street Jour-nal.

    The Pentagons 2008 report on China concluded that Beijing views cyberspace as an arena for non-contact warfare and aims to conduct cyber-warfare against civilian and military networksespecially against communications and logistics nodes.

    Chinas development in the cyber realm, combined with its other anti-access/area denial capabilities, imposes significant

    potential risk on U.S. military activities, according to Adm. Samuel J. Locklear III, commander of Pacific Command. Indeed,

    the Pentagons 2011 report on Chinese military power noted that Beijing would employ cyberattacks to constrain an adver-

    sarys actions or slow response time by targeting network-based logistics. Consider the gaping vulnerabilities of U.S. Trans-

    portation Command (TRANSCOM). AOL Defense reports that 90 percent of TRANSCOMs communications are handled on

    unclassified networks, owing to the fact that TRANSCOM has to rely on collaborative relationships with commercial partners

    to move military equipment. In the event of a U.S.-China crisis, its not difficult to imagine Chinese cyberwarriors exploiting

    this vulnerability.

    Something Bad

    The physical infrastructure America depends onthe electrical grid, water-treatment facilities, air-traffic control system,

    transportation arteriesdepends on cyberspace. And cyberspace is at risk. With a few keystrokes, someone could throw

    Americas high-tech society back to pre-industrial days.

    Before scoffing at that possibility, listen to the words of Ene Ergma, head of the Estonian parliament: Cyberwar doesnt make you bleed. But it can destroy everything. Or consider this: The British government warns that utilities-network up-grades carried out by the Chinese telecom firm Huawei may have given Beijing the ability to shut down essential services, including power and water supplies.

  • Similarly, The Wall Street Journal has reported on pervasive penetration of the U.S. electrical grid, whereby malicious software and sleeper switches have been implanted to allow China or Russia to disrupt service at a time of their choosing.

    Its no wonder that House Intelligence Committee Chairman Mike Rogers warns that Something pretty bad is coming. Alex-ander worries about the enemys transition from disruptive to destructive attacksI think those are coming.

    The challenge is to mitigate the effects of a full-blown cyber-crash, cyber-blackout, cyber-9/11 or cyber-Pearl Harborand

    then to take the fight to the enemys swath of cyberspace. Click here for part II

    American Security Council Foundation Page 4

    The American Security Council Foundation is a 501 (c) (3) Tax Exempt Organization Est. 1958

    Peace through Strength is a registered trademark of the ASCF. All rights reserved

    Donate now to the ASCF at www.ascfusa.org

    LEVELS OF MEMBERSHIP

    Please Select Your Annual Membership Level

    Student Membership $10.00

    Post 9/11 Veterans $10.00

    Patriot $25.00

    Bronze Eagle $50.00

    Silver Eagle $100.00

    Gold Eagle $250.00

    Presidents Circle $500.00

    Corporate Associate $10,000.00

    Executive Associate $25,000.00

    MEMBERSHIP FORM

    To join ASCF , please fill out the form below and mail it back or