The Pentagon has their Defense Information Systems Agency, which spares no effort to publicize the Defense Department’s vulnerability to hackers. They assign their own hackers to break into the Department’s Internet computers (which carry unclassified information only), and 88 percent of the time, they get in. When they do, 96 percent of the time they are undetected. One estimate of the cost of fixing it is between $15 billion and $18 billion. And infowar stories rarely fail to mention that according to Defense officials, a group of Dutch hackers offered to help Iraq during the Gulf War, by fouling up the Pentagon’s logistics communications — 25 percent of which were uncoded and sent on the Internet.[9] The next time, rumor has it, Saddam isn’t likely to refuse the offer.
No one is better at getting his name into print than OPSEC consultant Winn Schwartau, author of “Terminal Compromise,” an infowar novel that isn’t worth the cost of a free download from CompuServe. Schwartau also wrote “Information Warfare: Chaos on the Electronic Superhighway” (New York: Thunder’s Mouth, 1994), described by a reviewer as 400 pages in which the author “tells us what he’s going to tell us, tells us, and then tells us what he’s told us.”[10] At a conference in September 1995, Schwartau told of American hackers he had met, who for patriotic reasons were upset over French economic spying. Schwartau said that they planned to hack into the Paris subway and big French companies in retaliation, but then were scared off by the FBI.
Schwartau goes on to claim that he installs offensive, as well as defensive, information weapon systems. “They’re indispensable. Installing an offensive system is the only way to get to know the aggressive methods that you need to protect yourself against.”[11] This must be what the experts call a cybernetic feedback loop. Or perhaps it’s just one consultant’s gravy train.
Despite the hype, there are important historical trends behind the interest in information warfare. French military authorities, for example, suspect that unidentified hackers broke into their navy system in July and, according to Reuters on September 20, “tapped into the data on the acoustic signatures of hundreds of French and allied ships.” President Jacques Chirac ordered a major investigation. While American and British liaison officers, who provided information on their own vessels, were furious at the French and suspected the Russians, some French officers suspect that the Americans were testing French security.
The electronic transfer of funds is another area that highlights our growing dependency on high-tech. “We’re more vulnerable than any other nation on earth,” the director of the National Security Agency, John McConnell, told a seminar in June. He pointed to banks, global financial markets, and the Federal Reserve.[12] Citibank, which electronically transfers some $500 billion daily, recently worked with the FBI and authorities in several other countries to sting a group of Russian hackers. Before they were caught, they managed to transfer $400,000 from Citibank to accounts in the U.S., Finland, Germany, Israel, the Netherlands, Russia, and Switzerland.[13]
Outgoing CIA deputy director William Studeman recently told another conference that “massive networking makes the U.S. the world’s most vulnerable target for information warfare,” and said that our systems could be targeted by drug traffickers, organized crime, computer vandals, disgruntled employees, or paid professionals. Studeman pointed out that “denial of service” — jamming with overload, for example — can be as effective as actually breaking in, and is frequently easier. Potential near- term targets might include telecommunications, power and utility distribution, stock exchanges, the banking system, air traffic control, the Internal Revenue Service, and Social Security.[14] Current CIA director John Deutch announced in June that he was putting together some interagency working groups to look into information warfare.[15]
Some of this interest in network vulnerability has been transferred to other areas. Former CIA director Robert Gates said in March 1993 that “the U.S. intelligence community does not and will not engage in industrial espionage.”[16] Several months later, CIA director James Woolsey wanted to be “quite clear” about this: “The CIA is not going to be in the business that a number of our friends’ and allies’ intelligence services are in – – spying on foreign corporations for the benefit of domestic business.”[17]