US Worries About Growing Threat Of 'Cyberwar' in Information Age
What could be one of the most dangerous and least understood post-cold-war threats facing the United States today has nothing to do with nuclear weapons or smart bombs. It may involve the clicking of computer mouses and the sending of unseen commands through cyberspace.Skip to next paragraph
Subscribe Today to the Monitor
American officials and business leaders are becoming increasingly concerned about US vulnerability to "information warfare" (IW) - attacks on the nation's complex web of computers and electronic-data networks by enemies, terrorists, or even weekend hackers.
While computer security has long been a concern, apprehension is mounting about the threat of "cyberwar" and other electronic mischief as the nation's military, financial, government, and business sectors become more interlinked and dependent on proliferating communications networks worldwide.
Consider this scenario, which senior US officials and business leaders recently grappled with as part of an unprecedented Pentagon exercise:
The year is 2000 and Iranian forces are advancing on Saudi Arabia in a bid to seize control of the oil-rich Gulf. As US-led allies gear up a Desert Storm-style response, computer systems in America and elsewhere are hit by invisible assaults from the ether of cyberspace.
Telephone and power networks are taken out by "logic bombs" planted via the Internet. Viruses and other digital weaponry send banking and financial systems haywire and cause planes and trains to crash. As US leaders grope to trace the source of the chaos, history's mightiest military is paralyzed.
"Information warfare has no front line. Potential battlefields are anywhere networked systems allow access," concludes the study by the Rand Corp., the think tank that plotted US nuclear strategy. "In sum, the US homeland may no longer provide a sanctuary from outside attack."
Says an administration official: "There is a recognition that we are vulnerable. There is a feeling that maybe it's time for a focused national policy."
In their public statements, senior officials list terrorism, chemical and biological weapons, and the theft of nuclear bomb materials as the gravest dangers facing the US. Few ever mention IW. What work the the US has done on IW has concentrated almost exclusively on "offensive" tactics for use against enemies.
Developing a strategy to defend against IW faces massive hurdles, including finding a balance between privacy and the government's responsibility to safeguard national security.
Extent of threat unclear
An even more fundamental problem is that no one knows the true extent of the threat. A congressional report released this week quotes US intelligence officials as saying there has been no systematic effort to collect data for use in assessing how much of a threat IW poses.
Furthermore, the extent of US vulnerabilities is unknown. Though government agencies are believed to suffer numerous daily computer attacks, few are ever detected and reported.
Meanwhile, the corporate world has been unwilling to cooperate with the government on the issue. Companies refuse to reveal their own vulnerabilities, damages, and losses caused by computer attacks. Doing so could drive off customers, shake the confidence of their stockholders, and help competitors. The private sector also shuns government involvement in their business, especially communications.
"We do not want the federal government telling private companies how to run their information systems. But clearly there is a federal interest involved in protecting nationally linked systems," asserts Sen. Jon Kyl (R) of Arizona. "The United States currently has no ability to protect itself from cyberspace attacks."