14-year-old sociopaths and other national menaces

February 03, 1997|By Daniel S. Greenberg

WASHINGTON -- It's beyond us cyber-naifs to judge the many warnings about the awesome disruptions wrought by mischievous and malign computer hackers. In various horrific scenarios, they bring a cosmic scale to the familiar explanation that ''the computer is down,'' committing mayhem on systems vital for defense, banking, communications, Social Security checks, air-traffic control, medical records and so on.

From what's publicly known, electronic trespassing has so far been localized and of no great consequence, though the virtuoso skills displayed in these forays might have been successfully directed at bigger targets.

Recently, as reported in the New York Times, hackers invaded the home page of the Air Force, splashing an assortment of pugnacious statements across the screen, such as ''Welcome to the Truth,'' and ''Learn the secrets that they don't want you to know,'' followed by allegations of a cover-up of alien landings. The electronic intruders were expelled, with no damage, except to the pride of the Air Force. The other military services and many civilian government agencies have also experienced electronic break-ins.

Clearly, the hacker talent is there. And unless specialists in this brand of security are crying wolf, the potential for deliberately induced electronic chaos on a grand scale is not to be ignored.

The underside of computer wizardry was directly acknowledged by IBM in a recent run of advertisements headlined, ''Will a 14- year-old sociopath bring my company to its knees?''

Expanding on this theme, the advertisement raised the specter of ''some wily hacker, or, worse, a paid professional, creeping through your company's most valuable information.'' But help is available for the worried businessman, IBM declared, offering IBM's own team of '' 'ethical hackers' who try to break into your system and reveal the cracks in your armor.'' After they identify the cracks, IBM will ''erect multilayered firewalls'' to keep out the scoundrels.

Even so, IBM is obviously respectful of the skills of the unethical hackers, because it added that ''in the event of a break-in, an Emergency Response Security Team is standing by around the clock to detect it, contain it and stop it from happening again.''

Hacker with a cause

If business firms are vulnerable to 14-year-old mental cases with computer skills, the national infrastructure faces far greater dangers from professional hackers with political or economic agendas. That's the conclusion in a recent report of a blue-ribbon task force appointed by the Defense Science Board, the Pentagon's top science-advisory group.

Warning of a coming era of ''information warfare,'' the task force described it as an inexpensive means of causing chaos in both military and civilian systems -- ideal for terrorism as well as for major hostilities. Information on how to break into these systems ''is freely available on the Internet,'' the task force reported, noting the ease with which hackers ''steal computer addresses, user identities and user passwords from all the major Internet and unclassified military networks.

Intruders then use these stolen identities and passwords to masquerade as legitimate users and enter into systems. Once in, they apply freely available software tools which ensure that they can take control of the computer and erase all traces of their entry.''

Substantial skill is required to break into highly secure systems, the task force said, but it added that ''This is not to make light of the common hacker 'attack' methods reported in the press.'' They, too, can create turmoil.

The Pentagon's advisers called for spending several billion dollars on the development of secure software and hardware, training of security specialists and intelligence activities. The aim is to protect systems that are both vulnerable and indispensable to running a modern society. But with computer expertise widely distributed and rapidly expanding, it is far from certain that the defense can always stave off the hackers.

Daniel S. Greenberg is editor and publisher of the newsletter Science & Government Report.

Pub Date: 2/03/97

Baltimore Sun Articles
|
|
|
Please note the green-lined linked article text has been applied commercially without any involvement from our newsroom editors, reporters or any other editorial staff.