- The Washington Times - Friday, January 4, 2008

ANALYSIS/OPINION:

In the computer age — and 2008 is definitely in the computer age — the difference between an act of war and crime is often a matter of interpretation as well as degree.

Attack a nation’s highways and railroads, and you’ve attacked transportation infrastructure. You have also committed an obvious, recognized act of war.

An electronic attack doesn’t leave craters or bleeding human casualties, at least not in the same overt sense of an assault with artillery and bombs. However, the economic costs can be much larger than a classic barrage or bombing campaign.

Cyberspace has become a much busier and more dangerous place in the last 15 years. Today, entire nations rely on computer networks for communications, economic transfers and information storage. Computers and computer networks are lucrative targets for criminals. This increased reliance means that in the 21st century targeting a nation’s electronic infrastructure is an act of war.

Bankers know this. So do intelligence agencies. Diplomats and political leaders must also come to grips with that reality.

Everyone with a personal computer understands the basic concepts of cyber warfare. Link your laptop to the Internet and you link to the great collective of the Information Age. You also connect to a digital disease pool populated by viruses that instantly erase electronic brains. That means data is destroyed — perhaps less messily, but as thoroughly, as an attack with a high-explosive bomb.

You also enter a world where even trusted Web sites may leave a tracking cookie on your own computer so they can know something about your Internet shopping preferences.

There are, however, even more aggressive programs that allow inquisitive geeks to follow everything you read and write. These cyber spyware programs are a form of cyber spy war.

Add more sophisticated digital trickery and more levels of penetration wizardry, and programs like these could steal secrets from embassies and defense facilities.

Spies and soldiers know cyber attacks aren’t new and that institutional computer systems — even large, ostensibly well-protected one like those used by banks, big businesses and government agencies — are also vulnerable. In the early 1990s, a senior National Security Agency staffer told me that individual hackers were constantly trying to penetrate various government networks. He did not elaborate — any elaboration would have quickly involved classified material — but he said NSA analysts had learned a lot watching these people. Those are cryptic words from a cryptologist in the days when computer-savvy 14-year-olds were tapping into their parents’ bank accounts.

In late April last year, the world got a look at the economic and psychological effects of a massed cyber attack — a sophisticated, sustained and coordinated hack of an entire country.

Estonia was the victim. Estonia is a wired society that made Internet access an economic and political priority. Over a period of weeks (April through mid-May), Estonia suffered from what The Washington Post described as massive and coordinated cyber attacks on Web sites of the government, banks, telecommunications companies, Internet service providers and news organizations. Bank accounts were probed, e-mail services shut down.

Estonia’s minister of defense called the attacks organized attacks on basic modern infrastructures. According to press reports, Estonia claimed the attacks originated at the Internet addresses of state agencies in Russia. Russia denied the charge, attributing the attacks to criminals and vandals.

There is no doubt the Internet is rife with criminal activity. Last Sept. 5, StrategyPage.com called China Computer Crime Central. The StrategyPage report focused on poisoned Web sites that try to steal financial data (like bank account login information). StrategyPage argued that some Internet criminal activity appeared to link to attacks on Western military and government networks.

Those attacks certainly occur. On Sept. 3, the Financial Times reported that China’s military had hacked a Pentagon computer network in June 2007. That followed reports that Germany’s Chancellor Angela Merkel had complained to China’s premier about Chinese hacking of German computer systems.

A criminal act or an act of war? Until September 11, 2001, the U.S. government treated terror as a criminal-type activity to be confronted with a robust law enforcement effort. That approach, however, proved inadequate.

Austin Bay is a nationally syndicated columnist.

LOAD COMMENTS ()

 

Click to Read More

Click to Hide