[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Iraqi Computer Attacks Feared
The New York Times
January 17, 2003
Iraqi Computer Attacks Feared
By ERIC LICHTBLAU
W ASHINGTON, Jan. 16 -- Intelligence officials are concerned that a
recent rise in electronic attacks against government and military
computer networks in the United States may be the work of pro-Iraqi
hackers and could signal a "potential crisis" in national security,
according to a classified F.B.I. assessment.
The assessment, prepared last week by the National Infrastructure
Protection Center at the Federal Bureau of Investigation, warned
intelligence officials that the attacks, which have been relatively
limited, are likely to grow more widespread and "more dangerous" as
tension over a possible war against Iraq grows.
American intelligence analysts say they have long been concerned by the
notion that Al Qaeda could use computers to wage terror -- disrupting
water treatment plants or nuclear facilities, for instance. Experts say
the link between Iraq and computer hacking may have been underestimated
and poses a growing threat to United States security.
"Iraq is certainly among the places in the world that we think a
cyberattack might well be launched from," Representative Robert E.
Andrews of New Jersey, a Democrat on the House Armed Service Committee
who has been active on cyberwarfare issues, said in an interview.
Mr. Andrews noted that computer attacks were difficult to trace and
could be damaging, which he said met Iraq's goals. "A cyberattack really
fits Saddam Hussein's paradigm for attacking us," he said.
No one appears to have been arrested in the attacks, and the F.B.I.
assessment did not divulge the number of recent hackings or how
successful they were. Nor did it disclose how the authorities traced the
motive or origin of the attacks, but it blamed "ideologically motivated,
pro-Iraq" hackers who have expressed opposition to United States
activities in the Middle East and support for Islamic extremists.
There is some skepticism over whether Mr. Hussein's regime has the
technical capability or the desire to initiate such attacks.
Gordon Johndroe, a spokesman for the Department of Homeland Security,
said, "We are concerned about groups sympathetic to Iraq" hacking into
government computer systems. But he added that there was no evidence
that Mr. Hussein's regime had done so.
"I wouldn't tie this in to a state-run operation," Mr. Johndroe said.
"Iraq is more interested in obtaining weapons of mass destruction --
chemical, biological and nuclear -- than in pursuing the sophisticated
skills and equipment necessary for a successful cyberattack."
Officials at Iraq's mission to the United Nations did not return phone
calls seeking comment.
Military and F.B.I. officials declined to discuss the Iraq issue
specifically. In a statement, the bureau acknowledged that in general,
as international tensions increase, cybercrime "often escalates."
"It can be state sponsored or encouraged, or come from domestic
organizations or individuals independently," the statement said.
The military said it worked constantly to prevent hacking at the 3
million computers and 10,000 local area networks in its information
"The fact is, we are attacked and we defend on a daily basis," said Tim
Madden, a spokesman for Maj. Gen. J. David Bryan, commander of the
military's Joint Task Force-Computer Network Operations.
Mr. Madden said, "Less than 2 percent of those attacks are successful in
that the intruders gained root-level access."
But American military analysts have become so concerned about the recent
increase in activity that last week they raised the alert status on the
threat of pro-Iraqi hackers to the level of a "possible crisis," the
F.B.I. assessment said. Military officials declined to explain how the
threat system works or the reasons any changes might be made.
The assessment said recent computer disruptions have included Web
defacements, "denial of service" attacks that can disrupt or paralyze a
network, and hacking "probes" and "scans" aimed at testing the
vulnerability of a network.
The F.B.I.'s assessment described these recent disruptions as relatively
low level. But it warned that as tensions with Iraq escalated, "more
dangerous courses of action" by Iraqi-affiliated hackers -- including
more widespread denial-of-service attacks and the injection of worms or
viruses that can damage programs -- were "increasingly possible."
The F.B.I. predicted that "hacking activity will continue during the
next 90 days and will increase as allied pressure on Iraq mounts."
The report said hacker groups controlled hundreds of automated search
robot networks that could be used to attack government systems. And it
warned that many powerful, easy-to-use tools were available on public
Michael Vatis, former director of the F.B.I. cybercrime unit, said even
relatively unsophisticated hackers could significantly damage systems
that control a wide range of national security interests.
Iraq is thought to have been developing an information warfare program
in recent years, but it is probably lagging behind more sophisticated
countries like China and Russia, said Mr. Vatis, who is now director of
the Institute for Security Technology Studies at Dartmouth College.
"I would suspect they're at a middling stage," he said. "But even a
middling capability can cause serious harm."
Mr. Vatis cautioned that tracing an electronic attack is a notoriously
difficult task. In the case of denial-of-service attacks, hackers can
hide their identities by penetrating hundreds of computer networks and
turning them into "zombies" to use against a target system, he said.
He pointed to an episode in 1998 in which hackers penetrated United
States military computers and briefly disrupted troop exercises in the
Persian Gulf. The authorities originally suspected Iraqi agents, but
they ultimately traced the attack to two California teenagers.
"You can't assume that your military adversary is responsible," Mr.
Copyright 2003 The New York Times Company
Mail an infowar -
- infopeace -
de mit "unsubscribe" im Text.