SCIENCE TRIBUNE | Thursday, July 25, 2002, Chandigarh, India |
Preparing for information war
NEW PRODUCTS & DISCOVERIES
|
Preparing
for information war The
term information warfare is relatively new, but the role that
information and information technologies have played in warfare has
been crucial almost since the beginning of recorded history. Nearly
2000 years ago, the Romans, striving to secure their borders and
mobilise troops quickly, developed some yet undeciphered precursor of
Morse Code to send messages via flashing mirrors the entire length of
the Roman Empire in a single day. More recently, the US government
took over the entire telephony system during World war I, based upon
military and information security considerations. Even in those times,
the notion had arisen that in an age of total war the public networks
would be totally involved. Where the present differs from the past is
in the way that information technologies, including the public
networks, have become tools of war instead of merely supporting
conventional military operations.
Logic torpedoes Consider
the following nightmarish scenario where modern information warfare is
carried to its logical extremes using available technology. A large
yacht lies at anchor somewhere in the Indian Ocean. Powered by five
enormous wing sails that double as solar panels, it can stay at sea
for months without refueling, and in fact it has done so, sailing in a
random pattern, and transmitting over a VSAT satellite link. The
vessel is a warship, every bit as destructive as an aircraft carrier
or a missile cruiser, but it carries not a single conventional weapon.
Instead its arsenal consists, for the most part, of logic torpedos,
especially dangerous variants of the hackerfamiliar logic bomb. It
consists of a payload of malicious code and a delivery system made up
of an intelligent agent that directs the payload to a specific target
and places it deep in the operating system where it awaits activation
by either a transmitted command or the host’s own clock. The yacht
has a small crew to operate it, but most of its occupants are cyber
criminals, elite hackers carefully recruited by the vessel’s owner.
As the sun comes up on a breathless tropical morning, they watch a row
of flat screen video monitors carrying satellite broadcasts from all
over the world. The first logic torpedoes begin to detonate before
the sun is over the horizon. Major electrical utilities throughout the
target country experience blackouts and water and gas distribution
systems are disrupted as well. Medical electronic equipment begins to
malfunction at major hospitals and panic ensues. Financial records are
erased or altered on an enormous scale, precipitating early closure of
the financial markets and plummeting stock prices. Government
computers are massively attacked and payroll records for thousands of
government employees are altered. Public transit systems are brought
to a halt in many large cities and air traffic control systems are
ravaged. Then, when as many vital services are possible have been
incapacitated, a fresh wave of torpedoes is launched against the
networks themselves. Switches and routers are broached and
compromised. Network peering points are pummelled. Routing tables are
rewritten and are domain names. Directed energy viruses are
transmitted to millions of cell phones that transmit them, in turn, to
millions more. Finally as the coup de grace, a furious assault begins
against the nation’s largest data recovery centers whose working
have preoccupied the sea-borne hackers for the past several
weeks. Through it all, the television networks continue to function,
telling of untold confusion and fear. Then they too go down just as
the nation’s leader launches into a sound byte meant to reassure the
electorate. The hackers erupt in cheers, and innumerable champagne
bottles are brought out of the ship’s galley. Security analysts
have been speculating on the possibility and the likelihood of such an
attack for years, especially since the purported attempt by Saddam
Hussein to hire a hacker terror squad during the Gulf war.
Credibility The
occurrence of the unthinkable on September 11 has predictably given
such speculations a special relevance and has diminished the
credibility of those analysts - and they were probably the majority as
recently as a year ago -who would dismiss such a scenario as sheer
fantasy. US carriers are clearly preoccupied by security issues, and
the danger of catastrophic attacks to a degree never seen previously.
"Yes, a cyberterrorist attack is possible, most likely over the
Internet rather than the switched networks," says Venu Venugopal,
group manager for security for Sprint. "there’s a lot more
interest in network security now." "I can’t tell you
exactly what we’re doing." Said David Rabe, a spokesman for
Verizon, " But of course, we’re concerned. We’ve been
reviewing our security policies thoroughly since the attacks."
Psyops
now alive Information warfare in its broadest sense goes far
beyond electronic communications. The modern information warrior
approaches information in a limited number of ways. He gathers
information about the enemy and uses that information to enhance his
decision- making process and to control automated weapon systems. In
addition, he disseminates information to confuse or disable the enemy’s
own information systems such as radar or satellite surveillance, and
to sap enemy morale, a subspecies of infowar known as psyops (for
psychological operations). The information warrior relies on many
techniques and technologies to collect information. Old-fashioned
human intelligence provided by agents on the ground and even gleaned
from open sources such as newspapers and broadcasts is still in many
cases the best. But human intelligence has been increasingly
supplemented by information collected electronically. These means
include physical methods, such as satellite optical surveillance, on
which the US, for one, is heavily reliant; radar, the mainstay of
military operations in the field because of the ease with which it can
be combined with advanced weapons control systems; infrared sensors,
especially useful for detecting concealed troops in the field;
satellite interception of microwave over the horizon spill, useful for
picking up cellular backhaul , but less useful for landline telephony;
stray field emanations from computing equipment, the venerable phone
tap. In modern information warfare the public networks are considered
just another battlefield to be monitored as assiduously as troop
movements on the ground - only in this case, it means scanning traffic
at routers and switches as well as along copper and fiber optic
cables.
Outwitting the enemy Coincidentally, the network
operator is apt to become an intrusive presence in the life of the
ordinary user, for a government conducting surveillance likely will
cast a very wide net. A good example of this is Carnivore, a search
engine installed at the router level within an ISP by the FBI. While
the FBI has never revealed the details of how carnivore operates, it
pursues an undifferentiated stream of network traffic to sniff the
packets associated with suspects. Behind these basic physical
surveillance mechanism lie the beginning of a brain. This brain
consists of computing engines loaded with applications for digesting
and analyzing raw data. Examples abound. Satellite cameras feed
information to image enhancement and pattern analysis software for
resolving images. Radar receivers have their own specific intelligence
for rejecting spurious signals. Taps on public networks use
sophisticated search engines to isolate text transmissions containing
keywords and speech recognition algorithms to detect such words in
continuous speech. Supposedly, US intelligence agencies also possess
speech recognition software for identifying individual speakers.
Finally, data mining techniques are used to identify suspicious
patterns of network use.
Strong encryption Nonetheless,
online users can stymie government surveillance of their transmissions
by encrypting their messages. By all accounts, commercially available
strong encryption products on the market are close to uncrackable and
can only be attacked successfully by massively parallel computer
systems running continuously for weeks or months. Any terrorist
organisation resorting to strong encryption on a regular basis could
simply overwhelm the resources of the federal government. The Bush
administration recently floated the notion of outlawing strong
encryption worldwide. But how would you enforce it ? It goes almost
without saying that the outlawing of strong encryption would hinder
the ability of service providers to offer VPN services or to protect
intellectual contact entrusted to them. It would definitely impact the
business. It could also hamstring enterprises seeking to protect
themselves by means of authentication.
Networks in the crossfire Public
networks in the age of infowar find themselves in the unenviable
position of simultaneously having to protect themselves as potential
targets and to attempt to meet government demands for assistance in
monitoring security threats while avoiding liability claims by
individuals and corporations alleging violations of
privacy. Networks, both public and private, have developed in a way
that is antithetical to security. You have a lot of open source code
and open architectures which are good for developers but also good for
those seeking to attack the networks. Whenever one network is
connected to another, which is the essence of a public network, it is
vulnerable. As a security administrator, you have to look at
everything. Your attacker, on the other hand, has to exploit only one
vulnerability to bring your system down. It’s not a topic which
breeds optimism. One looks back almost with nostalgia to the days of
the electromechanical switch which no one ever hacked and seems today
to symbolise a sense of confidence in public institutions that cannot
be recovered.
The author is member (VLSI) with Semiconductor Complex, Chandigarh. |
NEW PRODUCTS & DISCOVERIES At present, just a concept study,
Ericsson is using this device as a prototype for the continuing development of
new applications. Look for a commercially available example from Ericsson in
the next 12 to 18 months. Mobile telecommunications giant Ericsson unveiled
the world’s first true multi-functional communicator platform at this year’s
CeBIT 2000 Show in Hannover, Germany. Coined as a first-generation integrated
mobile information device, it combines Internet browsing, messaging, imaging,
mobile telephony, personal information management, and location-based
applications and services. The Communicator is configured to handle the
latest mobile communications protocols, HSCSD (High Speed Circuit Switched
Data) and GPRS (General Packet Radio Services), along with triple-band GSM
(900/1800/1900 MHz) - which makes the device worldwide capable. Internet access
is via either a WAP or HTML browser. Equipped with both built-in Bluetooth
and GPS chips, the device employs Bluetooth technology to connect wirelessly to
a myriad of similarly configured appliances (like other phones, your PC, or the
store you are standing in), while the GPS interface allows the unit to provide
and receive information based upon geo-coordinates — to comply with
regulations so that an emergency crew can find you. An intuitive colour touch
screen allows for easy navigation, pen-input and handwriting recognition.
Jacket for heart When it comes to matters of the heart, big is usually better. But big and floppy is another story. After a heart attack or other assault that weakens the heart’s muscles, the organ begins to enlarge. The stress can kill so many cells that the heart begins to look like a "big floppy bag," says Dr. Hani Sabbah, the inventor of a mesh-like jacket that protects against the stretching that leads to heart failure. It’s currently in clinical trials. Concept PC
But it has many more tricks up its
screen. You can pluck the monitor from its stand and unfold it into a
traditional laptop — or turn its display away from you for
presentations. Finally, it also transforms into a tablet PC, complete with a
touch-screen. Though Hewlett-Packard has no plans to produce the concept; the
company will integrate some of its features into future products. Gene
clue to AIDS
One of the genes, called KIR,
controls a receptor on "natural killer" lymphocytes, a lethal
footsoldier in the immune system that is one of the body’s first lines of
defence against intruders. The other, HLA-B, encodes a protein for human
leucocyte antigen (HLA) located on the surface of white blood cells and other
tissues, the study published on July 21 said. Examining blood samples taken
from more than 900 people with the human immuno deficiency virus, scientists
led by Mary Carrington of the National Cancer Institute in Maryland found that
neither gene, by itself, had any impact on the progression to AIDS. But
volunteers who had specific variations in both genes were able to delay the
onset of AIDS, they found. AFP |
SCIENCE & TECHNOLOGY CROSSWORD
Clues Across: 1. Common name of a salt of Magnesium. 9. Branch of
medical science dealing with diseases of children. 11. Process of flow of
solvent into a solution through semi-permeable membrane. 12. Commonly used
type of Iron. 13. Symbol for Cadmium. 14. A common heart ailment (abbr.) 15.
A tropical plant, used as a vegetable. 16. An authority in UK responsible for
enforcement of health and safety regulations (abbr.) 18. …….ward side of a
truss experiences lesser air pressure. 19. Common name for a coloured
substance like Alizarin. 23. A small country of North America. 24. This
pressure on a surface is due to a fluid at rest. 27. A part of the large
intestine. 28. World’s biggest continent. 29. Glass apparatus used to keep
the solids moisture free. Down: 1. Poly-ether used as adhesive and
for protective coatings. 2. Computer language used for education. 3. These
elements, 7 in number, occur in Group III to VI of periodic table. 4. ….nil,
a popular product to eliminate odour. 5. … …metal, an alloy of lanthanides
and used in trace bullets. 6. Abbr. for an electronic machine used by news
agencies for printing. 7. The scale to measure the intensity of
earthquake. 8. A substance that release hydrogen ions when added to
water. 10. A deadly disease in which defence mechanism of body is
damaged. 17. Abbr. for an Entrepreneur-ship development programme launched in
India. 20. Microscopic organism used in fermentation. 21. Crystalline,
soluble and sweet carbohydrates. 22. An element of group 12 used for
galvanising. 25. The front of a hoof. 26. Abbr. for a popular English daily
of India. Solution to last week’s |