As computers proliferate, can they be made tamper-proof?
| Denver
The industrial world is rushing headlong to replace letters, receipts, and currency with electronic impulses in computer networks.
And as it does, some experts warn that without proper safeguards, these networks may become increasingly vulnerable to manipulation by political extremists or foreign powers.
''We, as a nation and as a world, are charging merrily ahead with the process of computerization without really looking at what we are doing,'' warns Willis Ware of the Rand Corporation, who has called for a national commission to study this question.
Computer crime expert Donn P. Parker of SRI International says, for example, that unless proper safeguards are taken, growing dependence on electronic funds transfer (EFT) systems will increase the risk that extremists or foreign agents can tamper with them. Economic havoc would result, he says.
The French and Swedish governments already have established national commissions to examine the implications of widespread computerization. But in the United States, the issue hasn't yet attracted much attention at the national level, the experts say. However, the topic was taken up by two panels at the National Computer Conference in Houston earlier this summer. Also, US Rep. Bill Nelson (D) of Florida is drafting legislation that would make computer tampering a serious crime.
One of the first places to worry about such vulnerabilities is in the realm of high finance, experts say.
Dr. Parker first raised questions about possible threats to national security from EFT two years ago at a conference in Monaco.
''The physical or logical destruction of (such a system), which could, in turn, cause economic collapse of a country, is a more appealing and cost-effective form of war than one using nuclear bombs and missiles. Far fewer resources are necessary, and these could be obtained or might already be possessed by a small country. The size of wealth of a country by any measure is no longer the limiting factor . . . ,'' he suggests.
Because the public is not directly involved, it doesn't realize how extensive these computerized fund-transfer networks have become, Parker points out. A single large commercial bank will transfer from $30 billion to $60 billion a day by computer. The network that ties together members in the US Federal Reserve turns over an amount equal to the national debt every four days.
Still, 99 percent of all financial transactions made in the US are handled with paper, reports Frederick Schroeder, an economist with the Federal Reserve who is studying the economic costs and benefits of EFT. But because of the lower processing costs, the nation's banks are ready and eager to replace traditional methods of doing business with the new, electronic forms as fast as the public will accept them.
The most serious threat to the nation's security posed by this process would be the covert destruction of large amounts of the electronic or ''virtual'' money. This could be accomplished by erasing all record of it from the computers involved, Parker says. If $160 billion were obliterated in this fashion, it could create an economic catastrophe, he argues.
''I'm reminded of the case in World War II where the Nazis tried to subvert England's economy by flooding the country with counterfeit money. It didn't work then, and I don't think there is a way that the computerized banking systems could be consistently subverted,'' Mr. Schroeder responds.
Prof. Rein Turn of Northridge State University, a participant in one of the computer conference panels on this subject, tends to agree.
''You have to assume that manipulations of this sort would have disastrous consequences for them to have societal harm in the large sense. If a group put enough resources into such an activity, they could probably pull it off, but we felt that the US economy is big enough, and diverse enough, so that it would be quite resilient to these sorts of things,'' he demurs. The sense that emerged from the deliberations this summer was that the nation does not appear to have developed a significant vulnerability to possible manipulations of this sort, Professor Turn says.
''The designers of these computer systems are building in protections against the scenarios we have thought of,'' Parker acknowledges. But, he adds, there is always the niggling question that these new networks may have some major weakness no one has thought of. Thus, the experts at the Houston meeting recommended that each business sector involved in the process of automation should work up contingency plans to cover the possibility that its computer systems are sabotaged or seriously compromised.
''While it does not appear to be a major problem today, the potential is there and we may face it in the next few years,'' Parker says.
Dr. Ware is more concerned about other forms of computerization than banking systems. ''EFT is one of the safer areas because the banking community worries continually about fraud and theft,'' he argues. He says he is more concerned about developments like electronic mail and computer ''linkages.'' Linkages are potential tie-ins between different businesses. For example, links could develop between an increasingly computerized stock market and the banking community. Or retail businesses could be linked to banks through ''point of sales'' computers, which would allow bank-card holders electronically to debit and credit bank accounts in supermarkets and department stores.
Financial and other types of computer systems are routinely protected by password-based security systems. But as society becomes more dependent on them, Parker argues that a more sophisticated security system based on encryption will become necessary. Encryption, or crypto, involves storing information in elaborate secret codes that require special keys to decipher. Currently, these techniques are not being used extensively in private systems and the 25 or so companies selling computer encryption systems are struggling to survive.
To a certain extent, encryption involves ''trading one vulnerability for another,'' Parker says. While making it far more difficult for those on the outside to penetrate these systems, it makes it much more vital to keep track and safeguard the keepers of the keys to these secret codes.
