[infowar.de] "Digital Pearl Harbor" in a war game



Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------

The most notable findings of this very interesting war game, conducted
by the US Naval War College and the Gartner Group:
"(...) while local attacks are possible, it's virtually impossible to
bring off any lasting, nationwide horror." Only states would have the
capacity to even attempt this, and even then they could not achieve
all that much.
The corresponding Gartner Group page, including audio from the
debriefing conference:
http://www3.gartner.com/2_events/audioconferences/dph/dph.html
RB

http://www.theregister.co.uk/content/55/26675.html

Mock cyberwar fails to end mock civilization

By Thomas C Greene in Washington
Posted: 14/08/2002 at 12:08 GMT

A mock cyberwar enacted by faculty of the US Naval War College and
analysts from Gartner does not appear to have fulfilled the Clancyesque
predictions of mass devastation envisioned by the leading security
paranoiacs of the Clinton and Bush Administrations.

The exercise, named "Digital Pearl Harbor," apparently in tribute to US
CyberSecurity Czar and Chief Alarmist Richard Clarke, brought together a
team of experts in several areas related to critical infrastructure for
a three-day hackfest.

The red teams were divided into telecomms, Internet, electric power and
finance sub-groups. To make the exercise as realistic as possible, the
popular Hollywood and National Security Council cliches of brilliant
geek-misfits wreaking mass mayhem from some deluxe hobbyist dungeon were
abandoned. Instead, the attackers came from the upper levels of the tech
world: engineers, programmers, mathematicians, many with PhD degrees and
decades of practical experience to their credit.

It was assumed that the operators would be bankrolled with at least $200
million, would have access to state-level intelligence, and take five
years to plan their attacks. The goal would be to create not mass
destruction, but crisis in public confidence sufficient to shift the
balance of power (presumably as an accessory to a real war).

Now this I can accept as a plausible scenario. Technically speaking, a
dream team like the one described with the money and time assumed can
definitely do some damage. On the other hand, I doubt they'd be able to
keep an operation that size secret for five years, especially as they'll
need to recruit inside help. Someone's going to do something stupid, say
something stupid, or approach the wrong person for assistance. And
indeed, one of the team leaders, David Fraley in the telecomms group,
made a similar observation.

Another assumption I would challenge is the belief that disruptions,
even coordinated disruptions, in these areas would in fact result in a
major crisis of public confidence. We've seen cities immobilized for
days by natural events like blizzards, the severest of which are often
accompanied by power and communications breakdowns, financial
inconveniences and failures of emergency response teams to function, and
yet life goes on. Human beings simply aren't as fragile and
narcotically-dependent on state authority as the government desperately
desires them to be. We shift for ourselves rather well for moderate
periods of time when the infrastructure of state paternalism lets us
down and the life-giving commercial heartbeat flatlines. People are
remarkably good at solving problems, both individually and in small
ad-hoc groups. Thus we survive earthquakes, floods, blizzards,
depressions, epidemics, hurricanes, foreign occupations, famines,
plagues, slavery, volcanic eruptions, sustained V-1 and V-2 bombing
campaigns, and the like.

If we couldn't, we wouldn't be here now.

With that said, it's nevertheless clear that a fair amount of mischief
can be brought about by a large, well-funded technical dream-team.
Telecomms group member Fraley reported that it's possible to cause SS-7
(Common Channel Signaling System #7) and PSTN (Public Switched Telephone
Network) capacity to collapse for a brief period. However, it would take
a very large investment in both personnel and money (bribes, presumably)
to accomplish even that much. Perhaps 200 people would be needed, he
reckoned. A satchel bomb thrown down a manhole in Manhattan would be far
easier, far cheaper, and still fairly destructive, he remarked.

As for the power grid, it's national, and controlled by large, complex
SCADA (Supervisory Control and Data Acquisition) systems. Still, it's
only feasible to target a large metropolitan area, team member John
Dubiel noted. Attacking the entire grid would be quite impractical. The
best approach would be physical attacks on major transmission corridors,
all of which are well-known, followed by the malicious use of owned
control systems to create a pattern of cascading failures throughout
the target region. "At this point the system is attacking itself," he
observed. Finally, one would attack and damage the SCADA systems
themselves to hamper recovery efforts.

It's possible to launch remote attacks against some SCADA systems
connected to public infrastructure, but insiders would have to be
recruited to attack others, he added. Furthermore, this would have to be
coordinated brilliantly and carried out in hours, not days, to thwart
the counterbalance of ongoing recovery efforts. We can assume that with
a $200 million war chest, the attackers will have little trouble buying
the needed cooperative insiders. But there again, the more people
involved, the greater the chance that some dumb bastard is going to slip
up in a big way and blow the whole operation.

In the finance area, group member Annie Earley recommended attacking
markets and disrupting cash flow and credit availability in the
consumer, corporate and institutional realms simultaneously to undermine
public confidence. To get the most long-term damage from the smallest
investment, she advised attacking the ACH (Automated Clearing House)
payments system.

According to the Federal Reserve, in 2000 ACH handled 4.8 billion items
valued at $12 trillion, including salary deposits, consumer and
corporate bill payments, stock dividends, Social Security and other
entitlement payments by the US Treasury, insurance premiums, and stock
purchases.

Earley says it's painfully easy to replicate the ACH format and simulate
a valid transmission while substituting bogus transactions. I was rather
impressed with her diabolical imagination. Imagine starting the attack
on Friday, 26 November 2004, the start of the Thanksgiving holiday
weekend. Social Security benefits will be paid during the weekend,
creating a flood of activity within which to conceal numerous other
malicious efforts involving salary deposits and scores of other
transactions handled via ACH. All the bogus payments would be formatted
legitimately and be small enough not to attract attention (under $10,000
each). Short-staffing on the holiday weekend reduces the chance that
oddities will be noticed. Earley expects 30-45 days' lag in the public's
discovery of the monkey business, but once people begin to reconcile
their monthly statements, call centers will begin going berserk, bank
branches will be flooded with confused, demanding patrons, and it will
be impossible to answer everyone's questions. Staff capacity will simply
be exceeded and all Hell will break loose.

Obviously, Earley has forgotten the carefully-groomed and fully-tamed
American media which will dutifully promulgate whatever
improbably-cheerful message the government and Wall Street see fit to
feed it. You may not be able to reach your bank's call center, but the
major papers and networks will be far ahead of the curve, offering the
populace whatever soothing platitudes the nation's financial-sector
flacks have prepared for just such an eventuality. Unless this attack
can be coordinated with an effective communications infrastructure
attack which would knock out national TV, I don't see it sowing panic.
Earley's vagueness about the discovery time-line makes such tight
coordination impractical at best.

Now we come to the magical, mysterious Internet, the very nexus of mass
cyber-terror superstition. In this case the team assumes only $50
million to spend, four cells, and six months in which to plan.

Team member John Mazur recommended establishing a covert control network
to undermine confidence in the Internet. This would make use of P2P
applications, compromised VPNs and hijacked machines in enterprise
networks. High-value targets might include media outlets through which
malicious hackers could spread disinformation (or at least
entertainment). Other handy targets would include NSPs, financial, power
and enterprise networks, and corporate and government networks entrusted
with sensitive information.

Member Paul Schmitz imagined four cells: a recon and intelligence cell
(probing, mapping, scanning, enumerating); an architecture cell (owning
remote machines), a disruption cell (playing Hell with data and
DoS'ing), and a destruction cell (finally switching off the lights). It
should be easy to turn insiders -- today, thanks to the incomprehensible
greed and irresponsibility of the upper brass in several key companies
like KPNQwest and WorldCom, there are now thousands of disgruntled and
'downsized' workers with the necessary skills, and motivation, to be of
assistance.

Strategic targets would have to be chosen carefully. If all went well
for the h4x0r dream-team, it might be possible to create cascading
failures extending for a few days' time. This would involve router OS
poisoning, ruining tables; system corruptions involving widespread
Windoze blue screens, and finally disabling DNS servers so that what
remains of the Internet would be difficult for ordinary users to
exploit. To some extent this could be sustained by rapidly-changing
attack methods; thus multiple-day attacks are feasible, if not probable.

To sum up, the Naval War College's Craig Koerner pointed to the need for
"synergies" in making the attacks interoperable, hence feasible. For
example, the group would likely attack the Internet last to preserve it
for other, continuing attacks. He pointed out that while local attacks
are possible, it's virtually impossible to bring off any lasting,
nationwide horror. The stereotypical scenario of a crew of hackers
bringing down the national infrastructure is quite ludicrous, despite
the apparently perjured testimony before numerous Congressional
Committees of Michael Vatis, Louis Freeh, Richard Clarke, John Tritak,
Ron Dick, Scott Charney, and Mudge.

But you already knew that. ®
