Hackers Keep Allies on the Defensive

By David Abel  |  The Boston Globe  |  6/20/1999

WASHINGTON -- Three days after NATO began raining bombs on Yugoslavia in late March, hackers in Belgrade began flooding the alliance's headquarters in Brussels with thousands of e-mails and potent computer viruses, eventually forcing NATO to temporarily take its system off line.

Later, officials briefly shut down the White House's official Web site after someone with a computer and a gripe against the war breached its well-protected system.

And not long after that, a group of Chinese hackers unleashed their anger over the United States' accidental bombing of the Chinese Embassy in Belgrade, scrawling graffiti and denouncing NATO's "Nazi action" on the home pages of the departments of energy and interior.

These were a few of the thousands of attacks on allied computer systems in what Pentagon officials call the first cyber-war.

"We experienced at least 80 to 100 of these intrusions a day during the war," said Susan Hansen, a Pentagon spokeswoman, who said the Defense Department has launched a review to study the attacks and responses. "As with all computer systems, there are vulnerabilities. But we are increasing our defenses."

The Pentagon would not say how it determined that the attackers came from Belgrade and Beijing, nor would it discuss specific countermeasures.

The flurry of cyberspace attacks did not surprise the Pentagon, which for years has been the target of scores of daily Internet-based assaults.

Just a month before the bombing campaign began, Deputy Secretary of Defense John Hamre detailed to Congress the havoc cyber-warfare could wreak.

With about 95 percent of the Pentagon's communications over open lines such as the Internet and commercial phone lines, the Defense Department's activities could be severely hampered if either were disabled, he said.

Furthermore, the Pentagon is trying not only to protect major systems from sabotage by hackers and spies, he added, but from disaffected employees.

"In the past, much of our defensive efforts were to protect our offensive capabilities," Hamre told the House Armed Service Committee in February. "Now we have to protect an extensive Pentagon information infrastructure - virtually all of which depends upon the commercial communications networks - because we simply cannot conduct and sustain offensive operations without these critical infrastructures."

While the cyber-attackers were more of a nuisance than a nemesis, officials say the campaign underscores the growing threat.

What if hackers breached the computer systems of the National Imagery and Mapping Agency and altered maps? Or found a way to filch targeting plans from NATO computers? Or lodged a virus in software used by bombers to aim their weapons?

These are the hypothetical scenarios that trouble Dan Kuehl, a professor of information warfare at the National Defense University in Washington.

"What worries me is not the graffiti, but people subtly changing content," Kuehl said. "Let's say a few words are changed on a corporate Web site, that could have a significant effect on the price of that company's stock. And then imagine the same thing on the State Department's Web site. That could be very serious."

Since the war began, the Pentagon has moved to shore up its computer defenses, officials said. Using some of the $3.6 billion budgeted between this year and 2002, the Pentagon this month began moving the majority of Internet traffic from a commercial service provider to a protected in-house server.

In December, the Pentagon established the Joint Task Force for Computer Network Defense, a 24-hour information protection nerve center that continuously monitors the military's computer systems and stands ready to respond to attacks.

The joint task force recently set up an information operations system similar to what the Pentagon uses to assess the threat of nuclear war. On a scale that ranges from Normal to Delta, the task force during the war set the country one notch above the lowest threat level.

"This reflected our level of concern for the attacks," said Melissa Bower, a task force spokeswoman. "It wasn't great."

But what Bower and others read from the computer attacks is a warning for the future. Anything from the nation's banking system to the air traffic control system potentially could be held hostage during a cyber-war, they fear.

Dorothy Denning, a computer scientist and information warfare expert at Georgetown University, said she could imagine all kinds of devastation a savvy hacker with a vengeance could inflict. The nation's vulnerability is increasing, she said, as people rely more on computers.

"The consequences could be tragic," Denning said. "Our systems will never be absolutely secure. But we can't live in a totally walled-off community. This is the future."