Intelligence: March 14, 2004

Archives

: Even before September 11, 2001, there was fear that terrorists would exploit vulnerabilities in the Internet, and other networks, to make devastating economic, and even life threatening, electronic attacks. Naturally, governments the world over, especially in heavily networked countries like the United States, made a lot of noise about increasing their network security. 

There was one major problems with increasing network security. The government has much less talent and resources to deal with this problem than do the commercial companies that supply the network with software, hardware and services. While the U.S. government has enormous intelligence resources, and can pick up lots of information about what al Qaeda, or other terrorists may be up to, they cannot easily share it with civilian network security experts. That's because the government information is highly classified, and only those who have passed stringent government security checks can look at it. A few civilians get the security clearance and are able to look at the secret material, but most civilians don't want to go through the intrusive security clearance process. 

To get around this problem, Internet security people outside the government have begun to collect information that is available from unclassified sources. This stuff can be discussed freely, and that usually generates more, and better, ideas on how to deal with the threat. One of these efforts can be found at https://www.ists.dartmouth.edu/TAG/cyber-capabilities-terrorist.htm. The information in this report was obtained from government documents (those posted on the web, plus court testimony, criminal indictments), academic reports, material posted by terrorist organizations on the web and media stories. There's a lot of stuff out there. 

The intelligence agencies don't like to talk about the fact that most of what they collect can be obtained from open sources. Soviet spies during the Cold War made much use of this technique, and looked forward to assignments in the United States, where there was enormous quantities of good information right out there in the open. The Soviet spies called these trips to America "trunk jobs," because all they had to do was fill a trunk with unclassified documents and take it home. Russian scientists and military intelligence analysts were quite pleased with the trunk contents and everyone was happy.

The Dartmouth "trunk job" is one of many that have been conducted in the last few years. Terrorists are thought to use the same technique. But one thing the terrorists don't have are a large number of skilled Internet engineers and programmers to put together deadly Internet attacks. While there are a lot of "hacking made easy" tools out there, none of them allow anyone to do major damage. Yet. But this doomsday attack will probably be attempted by a bored teenager first, for there are far more of these kids out there than there are net savvy terrorists.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close