Mock cyberwar fails to end mock civilization
By Thomas C Greene in Washington
14 Aug 2002 at 12:08 GMT
A mock cyberwar enacted by faculty of the US Naval War College and analysts
from Gartner does not appear to have fulfilled the Clancyesque predictions
of mass devastation envisioned by the leading security paranoiacs of the
Clinton and Bush Administrations.
The exercise, named "Digital Pearl Harbor," apparently in tribute to US
CyberSecurity Czar and Chief Alarmist Richard Clarke, brought together a
team of experts in several areas related to critical infrastructure for a
three-day hackfest.
The red teams were divided into telecomms, Internet, electric power and
finance sub-groups. To make the exercise as realistic as possible, the
popular Hollywood and National Security Council cliche of brilliant
geek-misfits wreaking mass mayhem from some deluxe hobbyist dungeon was
abandoned. Instead, the attackers came from the upper levels of the tech
world: engineers, programmers, mathematicians, many with PhD degrees and
decades of practical experience to their credit.
It was assumed that the operators would be bankrolled with at least $200
million, would have access to state-level intelligence, and would take five
years to plan their attacks. The goal would be to create not mass
destruction, but a crisis in public confidence sufficient to shift the
balance of power (presumably as an accessory to a real war).
Now this I can accept as a plausible scenario. Technically speaking, a dream
team like the one described with the money and time assumed can definitely
do some damage. On the other hand, I doubt they'd be able to keep an
operation that size secret for five years, especially as they'll need to
recruit inside help. Someone's going to do something stupid, say something
stupid, or approach the wrong person for assistance. And indeed, one of the
team leaders, David Fraley in the telecomms group, made a similar
observation.
Another assumption I would challenge is the belief that disruptions, even
coordinated disruptions, in these areas would in fact result in a major
crisis of public confidence. We've seen cities immobilized for days by
natural events like blizzards, the severest of which are often accompanied
by power and communications breakdowns, financial inconveniences and
failures of emergency response teams to function, and yet life goes on.
Human beings simply aren't as fragile and narcotically-dependent on state
authority as the government desperately desires them to be. We shift for
ourselves rather well for moderate periods of time when the infrastructure
of state paternalism lets us down and the life-giving commercial heartbeat
flatlines. People are remarkably good at solving problems, both individually
and in small ad-hoc groups. Thus we survive earthquakes, floods, blizzards,
depressions, epidemics, hurricanes, foreign occupations, famines, plagues,
slavery, volcanic eruptions, sustained V-1 and V-2 bombing campaigns, and
the like.
If we couldn't, we wouldn't be here now.
With that said, it's nevertheless clear that a fair amount of mischief can
be brought about by a large, well-funded technical dream-team. Telecomms
group member Fraley reported that it's possible to cause SS7 (Common Channel
Signalling System No. 7) and PSTN (Public Switched Telephone Network)
capacity to collapse for a brief period. However, it would take a very large
investment in both personnel and money (bribes, presumably) to accomplish
even that much. Perhaps 200 people would be needed, he reckoned. A satchel
bomb thrown down a manhole in Manhattan would be far easier, far cheaper,
and still fairly destructive, he remarked.
As for the power grid, it's national, and controlled by large, complex SCADA
(Supervisory Control and Data Acquisition) systems. Still, it's only
feasible to target a large metropolitan area, team member John Dubiel noted.
Attacking the entire grid would be quite impractical. The best approach
would be physical attacks on major transmission corridors, all of which are
well-known, followed by the malicious use of owned control systems to
create a pattern of cascading failures throughout the target region. "At
this point the system is attacking itself," he observed. Finally, one would
attack and damage the SCADA systems themselves to hamper recovery efforts.
It's possible to launch remote attacks against some SCADA systems connected
to public infrastructure, but insiders would have to be recruited to attack
others, he added. Furthermore, this would have to be coordinated brilliantly
and carried out in hours, not days, to thwart the counterbalance of ongoing
recovery efforts. We can assume that with a $200 million war chest, the
attackers will have little trouble buying the needed cooperative insiders.
But there again, the more people involved, the greater the chance that some
dumb bastard is going to slip up in a big way and blow the whole operation.
In the finance area, group member Annie Earley recommended attacking markets
and disrupting cash flow and credit availability in the consumer, corporate
and institutional realms simultaneously to undermine public confidence. To
get the most long-term damage from the smallest investment, she advised
attacking the ACH (Automated Clearing House) payments system.
According to the Federal Reserve, in 2000 ACH handled 4.8 billion items
valued at $12 trillion, including salary deposits, consumer and corporate
bill payments, stock dividends, Social Security and other entitlement
payments by the US Treasury, insurance premiums, and stock purchases.
Earley says it's painfully easy to replicate the ACH format and simulate a
valid transmission while substituting bogus transactions. I was rather
impressed with her diabolical imagination. Imagine starting the attack on
Friday, 26 November 2004, the start of the Thanksgiving holiday weekend.
Social Security benefits will be paid during the weekend, creating a flood
of activity within which to conceal numerous other malicious efforts
involving salary deposits and scores of other transactions handled via ACH.
All the bogus payments would be formatted legitimately and be small enough
not to attract attention (under $10,000 each). Short-staffing on the holiday
weekend reduces the chance that oddities will be noticed. Earley expects a
30-45 day lag before the public discovers the monkey business, but once
people begin to reconcile their monthly statements, call centers will begin
going berserk, bank branches will be flooded with confused, demanding
patrons, and it will be impossible to answer everyone's questions. Staff
capacity will simply be exceeded and all Hell will break loose.
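To make the formatting point concrete, here is an added example (written for this page; it is not code from the exercise or from any of its participants). It builds NACHA-style ACH entry and batch-control records, then re-checks a batch the way a receiving bank's file validator would: recomputed entry count, entry hash and debit/credit totals, routing-number check digits, and a simple heuristic for clusters of entries parked just under the $10,000 figure the article mentions. Field positions follow the public NACHA 94-character record layout; the routing numbers, account numbers, names, company ID and the 90%-of-threshold ratio are constructed assumptions, and the structuring heuristic is mine, not part of the ACH specification.

```python
"""ACH (NACHA-format) batch builder and validator. Example code for this page; all
bank identifiers, accounts and names below are constructed, not real."""
from dataclasses import dataclass

THRESHOLD_CENTS = 10_000 * 100          # the "under $10,000" figure from the exercise
CREDIT_CODES = {"22", "32"}              # credit to checking / savings
DEBIT_CODES = {"27", "37"}               # debit from checking / savings


def aba_check_digit(dfi8: str) -> str:
    """Ninth digit of a US routing number: weights 3,7,1 repeating; sum must be 0 mod 10."""
    weights = (3, 7, 1, 3, 7, 1, 3, 7)
    total = sum(int(d) * w for d, w in zip(dfi8, weights))
    return str((10 - total % 10) % 10)


@dataclass
class Entry:
    tran_code: str     # "22" credit / "27" debit (checking)
    dfi8: str          # receiving bank routing number, first 8 digits
    account: str
    amount_cents: int
    name: str
    trace: str         # ODFI-assigned trace number (15 digits)


def entry_record(e: Entry) -> str:
    """Type-6 entry detail record (94 chars); the check digit is derived, not stored."""
    rec = ("6" + e.tran_code + e.dfi8 + aba_check_digit(e.dfi8)
           + e.account.ljust(17)[:17] + f"{e.amount_cents:010d}"
           + " " * 15 + e.name.ljust(22)[:22] + "  " + "0" + e.trace.zfill(15))
    assert len(rec) == 94
    return rec


def batch_control(entries, service_class="200", company_id="1234567890",
                  odfi8="09100001", batch_no=1) -> str:
    """Type-8 batch control record: the counts, entry hash and totals a receiver recomputes."""
    entry_hash = sum(int(e.dfi8) for e in entries) % 10**10   # low-order 10 digits
    debits = sum(e.amount_cents for e in entries if e.tran_code in DEBIT_CODES)
    credits = sum(e.amount_cents for e in entries if e.tran_code in CREDIT_CODES)
    rec = ("8" + service_class + f"{len(entries):06d}" + f"{entry_hash:010d}"
           + f"{debits:012d}" + f"{credits:012d}" + company_id.ljust(10)
           + " " * 19 + " " * 6 + odfi8 + f"{batch_no:07d}")
    assert len(rec) == 94
    return rec


def parse_entry(rec: str) -> Entry:
    """Slice a type-6 record back into its fields (positions per the NACHA layout)."""
    return Entry(rec[1:3], rec[3:11], rec[12:29].strip(), int(rec[29:39]),
                 rec[54:76].strip(), rec[79:94])


def check_batch(records):
    """Recompute control totals and look for sub-threshold structuring.
    Returns a list of findings; an empty list means the batch passed."""
    findings = []
    entry_recs = [r for r in records if r[0] == "6"]
    ctrl = next(r for r in records if r[0] == "8")
    entries = [parse_entry(r) for r in entry_recs]
    for r in entry_recs:
        if r[11] != aba_check_digit(r[3:11]):
            findings.append(f"bad routing check digit in trace {r[79:94]}")
    if int(ctrl[4:10]) != len(entries):
        findings.append("entry count mismatch")
    if int(ctrl[10:20]) != sum(int(e.dfi8) for e in entries) % 10**10:
        findings.append("entry hash mismatch")
    if int(ctrl[20:32]) != sum(e.amount_cents for e in entries if e.tran_code in DEBIT_CODES):
        findings.append("debit total mismatch")
    if int(ctrl[32:44]) != sum(e.amount_cents for e in entries if e.tran_code in CREDIT_CODES):
        findings.append("credit total mismatch")
    # Structuring heuristic (an assumption for this example, not part of the NACHA spec):
    # several entries in one batch sitting just below the threshold deserve a second look.
    near = [e for e in entries if THRESHOLD_CENTS * 0.9 <= e.amount_cents < THRESHOLD_CENTS]
    if len(near) >= 3:
        findings.append(f"{len(near)} entries just under ${THRESHOLD_CENTS // 100:,}")
    return findings


def sample_batch(forged: bool):
    """Constructed payroll batch. With forged=True the attacker adds sub-threshold credits to
    an account at a bank they control and recomputes the control record so it still balances."""
    entries = [
        Entry("22", "09100001", "1002003004", 152_500, "A SMITH", "091000010000001"),
        Entry("22", "09100001", "1002003005", 98_000, "B JONES", "091000010000002"),
    ]
    if forged:
        entries += [Entry("22", "32100001", "7777777777", 985_000, "C MULE",
                          f"0910000100000{i:02d}") for i in range(3, 6)]
    return [entry_record(e) for e in entries] + [batch_control(entries)]


if __name__ == "__main__":
    print("clean batch:", check_batch(sample_batch(False)) or "passes")
    print("forged batch:", check_batch(sample_batch(True)))
```

The point the example makes is the one Earley makes: a forger who regenerates the control record gets past every structural check, because those checks only prove the file is self-consistent. What they do not prove is that the entries belong there, so the residual defence is content-level review of the kind the structuring heuristic sketches, and that is exactly the review a short-staffed holiday weekend weakens.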
Obviously, Earley has forgotten the carefully-groomed and fully-tamed
American media which will dutifully promulgate whatever improbably-cheerful
message the government and Wall Street see fit to feed it. You may not be
able to reach your bank's call center, but the major papers and networks
will be far ahead of the curve, offering the populace whatever soothing
platitudes the nation's financial-sector flacks have prepared for just such
an eventuality. Unless this attack can be coordinated with an effective
communications infrastructure attack which would knock out national TV, I
don't see it sowing panic. Earley's vagueness about the discovery time-line
makes such tight coordination impractical at best.
Now we come to the magical, mysterious Internet, the very nexus of mass
cyber-terror superstition. In this case the team assumes only $50 million to
spend, four cells, and six months in which to plan.
Team member John Mazur recommended establishing a covert control network to
undermine confidence in the Internet. This would make use of P2P
applications, compromised VPNs and hijacked machines in enterprise networks.
High-value targets might include media outlets through which malicious
hackers could spread disinformation (or at least entertainment). Other handy
targets would include NSPs, financial, power and enterprise networks, and
corporate and government networks entrusted with sensitive information.
Member Paul Schmitz imagined four cells: a recon and intelligence cell
(probing, mapping, scanning, enumerating); an architecture cell (owning
remote machines), a disruption cell (playing Hell with data and DoS'ing),
and a destruction cell (finally switching off the lights). It should be easy
to turn insiders -- today, thanks to the incomprehensible greed and
irresponsibility of the upper brass in several key companies like KPNQwest
and WorldCom, there are now thousands of disgruntled and 'downsized' workers
with the necessary skills, and motivation, to be of assistance.
Strategic targets would have to be chosen carefully. If all went well for
the h4x0r dream-team, it might be possible to create cascading failures
extending for a few days' time. This would involve poisoning router
operating systems and corrupting their routing tables; system corruptions
involving widespread Windoze blue screens; and finally disabling DNS servers
so that what remains of the Internet would be difficult for ordinary users
to exploit. To some extent this could be sustained by rapidly-changing
attack methods; thus multiple-day attacks are feasible, if not probable.
To sum up, the Naval War College's Craig Koerner pointed to the need for
"synergies" in making the attacks interoperable, hence feasible. For
example, the group would likely attack the Internet last to preserve it for
other, continuing attacks. He pointed out that while local attacks are
possible, it's virtually impossible to bring off any lasting, nationwide
horror. The stereotypical scenario of a crew of hackers bringing down the
national infrastructure is quite ludicrous, despite the apparently perjured
testimony before numerous Congressional Committees of Michael Vatis, Louis
Freeh, Richard Clarke, John Tritak, Ron Dick, Scott Charney, and Mudge.
But you already knew that.
http://theregister.co.uk/content/6/26675.html