->PConnect(script.ftech.net,mi2gl,m4d2e,mi2gl)
 

The Threat to Government, Business and Financial Markets

mi2g Internal Memorandum

Cyber Warfare

Perspective

Historically war has been classified as physical attacks with bombs & bullets between nation states. It was beyond the means of an individual to wage war.

Today, in the Information Age, the launch pad for war is no longer a runway but a computer. The attacker is no longer a pilot or soldier but a civilian Hacker. An individual with relatively simple computer capability can do things via the internet that can impact economic infrastructures, social utilities and national security. This is the problem we face in moving from the industrial world to the Information Age, which is the essence of Cyber War.

The Internet was developed during the cold war climate of the 1960s to protect communications in the event of a nuclear strike. The main strength of the internet is that if parts of the network are destroyed information automatically re-routes. In essence there is no Central Control that can be targeted. It is this very anonymity and the anarchy of the Internet that leaves organisations open to attack.

Problem

The problem is that Western societies have in the past few decades become reliant on the efficient functioning of electronic control systems for more and more segments of daily life, especially the economic processes. There is an assumption that they will function flawlessly or that there is a readily available standby in every case. There is also a misunderstanding about communications systems. Communications systems are now just computers that route information on the back of commands.

If these electronic systems go wrong the technology that supports our economies fails. As the global network of computers, the Internet, becomes the communication backbone, all societies reliant upon it are vulnerable to cyber attack.

As Stephen Badsey of Sandhurst Royal Military Academy states:

'...attack a society through its computers to cause the breakdown of the mechanism & the infrastructure which cause it to run, you will bring about mass deaths......directly or indirectly...'

Threat

It is possible to attack and interrupt any electronic network which would naturally include power stations, emergency services, stock market and air traffic control systems, with devastating consequences. The consequences are so serious that the American Government tried to suppress a report titled 'Cyberwar is Coming' by researchers at RAND, an American think tank, in 1992.

The dangers of Cyber attack lie in the Information Age allowing individuals, who choose to conceal their identity, to access something valuable electronically without being detected. A business could be shut down or severely damaged through this covert access. In May 1998 the L0pht Collective, a group of computer hackers in Boston USA, testified to a US Senate Committee studying network security:

'The seven of us could very trivially take down the entire Internet for the United States......Great Britain......basically stopping communications between all the major network access providers. That would cause overloads on to the other transit routes for communication, regular phone lines. It would cause problems for people trying to move large sums of money that are doing it over networks......Take about thirty minutes......if that'

Where is this threat coming from?

The generic term used is Hacker - but this merely means someone who has been able to penetrate any kind of defence. The motives of Hackers vary. Some destroy data, or there can be criminal intent; others could be terrorists or university students taking on the challenge. No matter who the Hackers are or their motives the equipment that is required is readily available and within the purchasing power of all.

The knowledge required can be found on notice boards posted on the Internet. Readymade formulae are available to be copied with instructions on how to dispatch attacks. This allows 'warfare' to be taken out of the national fold and readily available to groups and individuals at anytime, anywhere in the world.

Associated Repercussions

The above problem will be compounded by the new Data Protection Act 1998 in the UK which extends the envelope of criminal prosecution against the Directors of a company that fail to satisfactorily protect their corporate assets, which has now been defined to include corporate information. Furthermore this type of legislation is not promoted in the USA creating an anomaly which may also affect Anglo-American companies who regularly exchange information.

Renowned worldwide for the ATCA Briefings. Subscribe now.
 
Home - Profile - Values - People - Careers - Partners - Contact Us
D2 Banking - Bespoke Security Architecture - Digital Risk Management - Tools

Intelligence Briefings - Brochures - Case Studies -
SIPS Methodology FAQ (pdf)
Keynote Speeches - Articles - News Feeds - Glossary (pdf)
Terms and Conditions - Privacy Policy