[Douglas De Bono / DouglasDeBono.Com]
Welcome to DouglasDeBono.Com, the Cyberspace Home of author Douglas De Bono.

De Bono spins his thrilling tale of intrigue and again out CLANCIES the master spinner of military thrillers, Tom Clancy. It's about time De Bono receives the recognition his brilliant writing deserves. His novels rate a FIVE STAR PLUS.
--Bonnie Toews, Author of Treason and Triumph

De Bono is highly recommended, a gripping author that leaves the reader lunging from page to page in a frantic effort to keep up with the action and survive the building tension.
--Midwest Book Review

Cyber War Part 2

December 7, 1941 is the date of the Japanese attack at Pearl Harbor and the commencement of hostilities against US forces across the entire Pacific theater. The purpose of Pearl Harbor was to send the Pacific Fleet to the bottom of the ocean and effectively neutralize the United States as a maritime power in the Pacific. Initially, Pearl Harbor was a tremendous Japanese victory. The Japanese attacked America’s most potent asset at its most vulnerable position. One way to look at this is that they sought to destroy the best US technology in the Pacific.

Many inside and outside the American defense establishment worry about a second Pearl Harbor attack directed not against carriers and frigates, but against the electronic infrastructure used to command and control the American military. It is suggested the attack could take place from any point on the globe. While this is true, there is a little detail called bandwidth.

Bandwidth is best described as the data pipe. If the pipe is narrow, then the amount of data that can pass through is limited, causing slower connections and longer refresh rates. Just like water running through a pipe—the larger the pipe, the greater the flow rate. Data is the water and bandwidth is the size of the pipe. I believe speed and distance are still related to a successful cyber attack. Generally, a larger bandwidth is easier to achieve the closer you get to the target systems.

Any cyber attack must be massive and layered. A massive attack would attempt to disrupt multiple systems, and a layered attack would vary the weapons. Once the target systems are identified and access methods are defined to those systems, a cyber attack would take the following forms:

  • Generate massive traffic to a target in the form of login or access requests. Any given system can only support a limited number of concurrent connections. This could be accomplished by staging a bank of computers running multiple instances of telnet or rlogin sessions against specific sites.
  • Attack defensive systems by systematically turning off processes and tasks designed to prevent cyber attacks. Filter out the expected processes for any given system and shut down all others. Chances are good you will knock down defensive programs.
  • Attack the CPU by spawning processes designed to bog down CPU performance, effectively degrading the target system’s performance. Install or spawn jobs that are computational or CPU intensive and move their job queue priority to high.
  • Attack system I/O by chewing up the internal bus bandwidth with disk intensive operations. This is easily accomplished using a job that creates large files (e.g. 2 gigabytes or larger) and copying them around the mount points.
  • Attack the operating system by damaging or deleting necessary files for operation. Generally, a cyber terrorist is going to interact with one of three dominant operating systems: UNIX, NT or some sort of legacy mainframe system. Regardless of the system, operating systems have specific binary or executable programs and special configuration files. Seek and destroy these files, and the system could crash or be so crippled that it remains down when the target system’s operators attempt to reboot.
  • Attack the data by directly deleting critical files or spawning processes to overwhelm basic database operations. So many operations are tied to some sort of database, and databases (like operating systems) follow fundamental design processes. One of the most effective ways short of deleting files is to attach a database process that generates massive internal traffic. This causes the database to start thrashing and effectively degrades performance.
  • Attack linked systems by examining the files used to link target systems together. For example, a “hosts” file in UNIX identifies additional systems used for day-to-day operations. Before destroying this file, migrate the attack to those additional systems.

None of these techniques are far-fetched or even beyond the scope of the average programmer. I have seen most of these techniques occur on modern systems, and the problems were generated by accident, not malicious intent. There are many weaknesses that can be exploited by anyone wishing to devastate target systems. The trick is gaining access to the target systems; however, once access is attained the opportunity to wreak havoc can probably be measured in minutes at best. My target list would be as follows in order of importance.

    1. Command and control
    2. Satellite and reconnaissance
    3. Communications
    4. Fire control
    5. Logistics
    6. Transport
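
The first attack form in the list above relies on a bank of machines, so a defender who counts connections per source address alone will miss it. The following added example (not part of the original article) scans tcpd-style connection log lines and alerts on both the per-service aggregate and the per-source rate; the log layout, thresholds, host name and addresses are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# tcpd-style "connect from" syslog line; the exact layout is an assumption.
LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ (in\.\w+)\[\d+\]: connect from (\S+)$")

def parse(line, year=1999):
    m = LINE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return ts, m.group(2), m.group(3)

def find_floods(lines, window_s=10, per_service=20, per_source=8):
    """Return (time, service, kind, detail) alerts for connection floods."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # service -> (time, source) inside the window
    raised, alerts = set(), []
    for ts, svc, src in filter(None, map(parse, lines)):
        q = recent[svc]
        q.append((ts, src))
        while ts - q[0][0] > window:          # drop entries older than the window
            q.popleft()
        by_src = defaultdict(int)
        for _, s in q:
            by_src[s] += 1
        checks = [
            # Aggregate count catches a bank of machines that each stay quiet.
            ((svc, None), len(q) >= per_service, (ts, svc, "distributed", len(by_src))),
            ((svc, src), by_src[src] >= per_source, (ts, svc, "single-source", src)),
        ]
        for key, hit, alert in checks:
            if hit and key not in raised:     # alert once per episode
                raised.add(key)
                alerts.append(alert)
            elif not hit:
                raised.discard(key)
    return alerts

def sample_log():
    """Constructed sample: quiet traffic, a six-host telnet flood, one noisy rlogin host."""
    log = [f"Dec  7 07:{m}:00 gw in.telnetd[100]: connect from 192.0.2.1" for m in (10, 25, 40)]
    log += [f"Dec  7 08:00:{i // 3:02d} gw in.telnetd[{200 + i}]: connect from 192.0.2.{10 + i % 6}"
            for i in range(30)]
    log += [f"Dec  7 08:05:{i:02d} gw in.rlogind[{300 + i}]: connect from 198.51.100.7" for i in range(8)]
    return log

if __name__ == "__main__":
    for alert in find_floods(sample_log()):
        print(alert)
```

In the sample, each of the six telnet sources stays under the per-source threshold, so only the aggregate check reports the flood.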

How likely is this scenario? Consider the fact that the Clinton Administration wants to spend two billion dollars to strengthen military information systems. The talk amongst experts is not if, but when. For anyone to commit serious mischief in the world—mischief that affects American national interests—the ability of the American military to react must be crippled. The easiest way to cripple America is to limit her ability to see and react to threats, and recent major military operations (e.g. Gulf War and Kosovo) demonstrate the dependence the military has on information and related systems.

Remember, technology is fragile and so is our national security.

    Douglas De Bono / DouglasDeBono.Com
    Minneapolis/St. Paul, Minnesota

    E-Mail readermail@DouglasDeBono.Com
