TooShort. Makaveli. The Analyzer.
These three teenagers—the first two from northern California, the other from Israel—set off alarms within DOD early this year with their successful attempts to hack into unclassified DOD computers. Because the attacks came during the build-up for possible military actions against Iraq, DOD officials were initially concerned that the US was being targeted in a preemptive information warfare strike. At risk were unclassified systems containing data on Persian Gulf related logistics, personnel, etc.
In part in response to them and in part in response to other hackers, the Defense Department has created a new alert system designed to rate the level of threats to its information system. The new Information Conditions (INFOCONs) are structured similarly to the Threat Conditions (THREATCONs) used to rate terrorist threats.
Each level indicates an increase in the threat to DOD information technology systems. Structured, systematic attacks to penetrate multiple systems will result in a higher INFOCON rating than when individual, isolated attempts are made. Since DOD will use them in response to different conditions, raised INFOCON and THREATCON levels will not necessarily to hand in hand.
The INFOCON levels include:
- INFOCON NORMAL indicates normal threat environment and precautions apply.
- INFOCON ALPHA indicates a heightened threat of possible information attack, to include an increased number of problems which might indicate patterned surveillance/reconnaissance.
- INFOCON BRAVO indicated a demonstrated, increased, and patterned set of intrusion activities exists, to include a compromise of systems resources. Examples included dedicated computer sweeps, scans, or probes and a significant increase of detected viruses, nuisances, phreaking, pinging, and spamming.
- INFOCON CHARLIE indicated an actual information attack has occurred, or intelligence indicates an imminent information warfare attack. This includes the response to any collection efforts targeted against classified systems.
- INFOCON DELTA indicates the severity of an information attack has significantly degraded mission capability. Primary efforts at INFOCON DELTA are recovery and reconstitution.
Last fall, the Presidential Commission on Critical Infrastructure Protection issued a report entitled “Critical Foundations: Protecting America’s Infrastructures.” Part one focused on how America’s vulnerabilities have changed because of our increasing dependence of computers and networks. Part two talked about steps that should be taken to protect our infrastructures and minimize future vulnerabilities. The report, in Adobe Acrobat format, can be viewed or downloaded from http://www.pccip.gov/report_index.html.
Win Schwartau, an author and consultant on information warfare, has recommended the Departments of Justice and Defense cooperate with large organizations and enterprises in the civilian sector to develop a stronger information protection program. This is because commercial organizations, including the communications, financial, power, and transportation infrastructures are under their control. Schwartau has written “The contention is that the Pentagon is in the physical war business. . . .That contention, too, is a matter of healthy debate when we ask ‘Who protects the private sector from international assaults that do not involve bombs, airplanes and submarines?’” Schwartau’s web site is at http://www.infowar.com/.
TooShort, Makaveli, and The Analyzer were part of a hacker group called “The Enforcers.” After the trio’s arrests, other Enforcers— including Paralyze, Immunity, and DooM—launched a brief campaign of retaliatory hacks against commercial and government web pages. More information on the group, their successful hacks, and their announcement of a truce can be found at http://www.antionline.com/.
No comments:
Post a Comment