A Cyber War has Begun

Recently a series of cyber attacks on the Defense Department and Defense contractors in the United States as well as the Ministry of Defense and Parliament in the U.K. have created significant causefor- concern by computer security experts. An investigation of the attack signatures shows a significant level of sophistication. Most are “highly skilled professionals” said one source who wished not to be identified. The most recent cyber attacks are using new strains of computer viruses, logical bombs and other advanced techniques that can paralyze government agencies and communications. Information for exploiting known computer vulnerabilities is easily obtainable by anyone via the Internet.
Programs covering nearly every aspect of hacking, from Trojans to keyloggers to step-bystep tutorials on how to effectively hack computer systems, are now available on eBay’s online auction site. Individuals do not need to be overly technical to use these hacking tools either. Making a much broader audience aware of how easy it is to get these tools and use them has security professionals concerned. One computer insider said that there is evidence that a criminal enterprise has been established whose sole purpose is to create hacker kits to exploit software vulnerabilities as soon as they are publicly disclosed. One such hacker kit developed last year sold for over $50,000 per copy. This is big business.

Cyber Warfare Arsenal
At this time intelligence sources are unsure the number of countries developing or acquiring cyber weapons nor the size and capabilities of their cyber arsenals. Many questions remain unanswered.
Insiders have said that the full extent of the U.S. cyber-arsenal is among the most tightly held national security secrets, even more guarded than nuclear capabilities. However, since last year there has been a 46 percent increase in attacks on Department of Defense web sites. In the response to the threat posed by the widely available arsenal of cyber weapons, the U.S. Navy increased its cyber defense force from 200 sailors to 15,000 in the past three years? The navy is now spending nearly a billion dollars a year to defend its computer systems.

Estonia Attacked
In April of this year Estonia was the target of a coordinated attack on their national internet infrastructure which all but crippled the country. The attack lasted about three weeks and involved an estimated 1 million computers. The massive denial-of-service (DOS) attack was thought to be launched by Russian hackers. The attacks on Estonia began April 27. The attack used “botnets” (swarms of computers hijacked by malicious code) to overload sites and networks by deluging them with bogus requests for information. Estonia has a population of about 1.3 million and is one of the most wired countries on earth. The intent of the attack was to shut down the country's information infrastructure. This impacted Estonia’s citizens’ ability to execute financial transactions as well as impacting the country’s supply chain for food and other products. For example, at the peak of the attack, people who wanted to use payment cards to buy bread or gas had to wait because the traffic overload created by the attack all but halted operations at Estonia's banks.
In the book “Unrestricted Warfare” published back in February of 1999 it suggests tactics that can be used by developing countries (like China) to overcome military inferiority when going up against countries like the United States. This concept has continued to evolve and now consists of fifteen different modalities of warfare employed against an enemy. Note: For additional information on the concept of UnRestricted Warfare, please refer to Eye Spy Magazine Volume Number 40 published in 2006.
Global Leaders face a new threat environment unlike any we have previously experienced in the past. Our offensive and defensive capabilities must be built to address the full spectrum of warfare in the 21st century. Earlier this year an article in the Washington Post reported President Bush has signed a secret directive ordering the government to develop a nationallevel policy for determining when and how the United States would launch cyber-attacks against enemy computer networks. The Department of Homeland Security created the National Cyber Security Division (NCSD) under the Department's Information Analysis and Infrastructure Protection Directorate.