Information Warfare: December 7, 2003


Fears  continue to grow that Islamic terrorists will soon be capable of using the Internet to make devastating attacks. There has been evidence, from captured documents, computers and prisoner interrogations, that such attacks are planned. Since September 11, 2001, there has been evidence of more visits, from Middle Eastern Internet users, to American power plant and industrial web sites. The danger is real, but when you examine the record of such attacks, a different picture appears. First of all, there has been only one documented incident where an industrial site was hacked into and damage done. This was in 2000, in Australia, where a former employee broke into a sewage plant computer system and released some sewage. Some fish died, no people were hurt. The hacker was involved in designing and installing the system he broke into, and even then, he had a hard time doing it. Such attacks will become easier in the future, as more utility and industrial computer systems are upgraded to use widely available system software from Microsoft, or use increasingly popular system software like Linux. Microsoft operating systems are notoriously vulnerable to break-ins. But potential hackers have another problem, some 99 percent of the people capable of hacking into such systems come from outside the Arab and Moslem world. Al Qaeda has been able to attract some people from outside their normal recruiting grounds, but few of these have any computer expertise. Most of the attacks on American utilities and industrial web sites are from young American hackers. However, such attacks are possible if al Qaeda could gather a crew of competent hackers from among their ranks. This is possible, as al Qaeda has many college educated followers. But the effort would have to be kept secret. This would not be easy, as such a cyberterrorism effort would require a lot of probing and practicing on sites that are potential targets. These probes are often noticed, and traced back to their source. The United States has the largest number of "White Hat" (good guy) hackers and many of the "Black Hat" hackers (the bad guys) have been caught because White Hats noticed something wrong where they worked and enlisted friends to hunt down the source of the mischief. If the al Qaeda cyberwarriors were detected during their lengthily preparations, they would lose the anonymity that is so essential to a successful attack. The public will never know how this war is playing out, unless there are arrests. Even if the terrorist cyberwarriors are detected, it will be important to keep that secret, the better to pinpoint who, and where, they are. There may even be several cyberwar "battles" with al Qaeda that will proceed without much, if any publicity. There may have been one already. And despite the odds, al Qaeda's cyberwarriors could always get lucky. Do you feel better now?




Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close