January 20, 2003
CyberWar or CyberHype?
As the US edges ever closer to military action against Iraq, there is once again chatter about "cyberattacks" targeting US military and government sites. A recent New York Times story describes a classified FBI assessment that a "recent rise in electronic attacks against government and military computer networks in the United States may be the work of pro-Iraqi hackers and could signal a 'potential crisis' in national security."
Juxtapose this with a story from last week documenting the American military flooding Iraqis with "Surrender Spam". In response, Iraq apparently shut down its Internet connections to the outside world to deflect the email barrage.
I found a couple of interesting comments in these stories that may provide some perspective. The NY Time account includes a quote from Tim Madden, a spokesman for the military's Joint Task Force-Computer Network Operations. "The fact is, we are attacked and we defend on a daily basis," Madden told the Times. "Less than 2 percent of those attacks are successful in that the intruders gained root-level access."
Ummm ... does that mean that nearly 2 percent of cracking attempts targeting .mil sites are able to get root access? Yikes! Let's hope that's a misprint or misquotation. If true, that would suggest that the bar is set pretty low for hostile cyber-mischief against the miitary.
But perhaps not from Iraq. The San Francisco Chronicle story relates that Iraq shut down "the country's two e-mail servers." Can a nation whose Internet infrastructure consists of two e-mail servers really pose a cyberthreat?