2Lt William Liggett (L) talks with a colleague as a map is displayed on one of the screens at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs, Colorado July 20, 2010. U.S. officials have shown increasing concern about alleged Chinese and Russian penetrations of the electricity grid, which depends on the Internet to function. The Pentagon in recent weeks has begun pushing to put civilian infrastructure under its wing in a proposed cyber realm walled off from the rest of the Internet.Credit: Reuters/Rick Wilking
By Jim Wolf
WASHINGTON | Tue Oct 5, 2010 11:44am EDT
WASHINGTON (Reuters) - Guarding water wells and granaries from enemy raids is as old as war itself. In the Middle Ages, vital resources were hoarded behind castle walls, protected by moats, drawbridges and knights with double-edged swords.
Today, U.S. national security planners are proposing that the 21st century's critical infrastructure -- power grids, communications, water utilities, financial networks -- be similarly shielded from cyber marauders and other foes.
The ramparts would be virtual, their perimeters policed by the Pentagon and backed by digital weapons capable of circling the globe in milliseconds to knock out targets.
An examination by Reuters, including dozens of interviews with military officers, government officials and outside experts, shows that the U.S. military is preparing for digital combat even more extensively than has been made public. And how to keep the nation's lifeblood industries safe is a big, if controversial, aspect of it.
"The best-laid defenses on military networks will matter little unless our civilian critical infrastructure is also able to withstand attacks," says Deputy U.S. Defense Secretary William Lynn, who has been reshaping military capabilities for an emerging digital battlefield.
Any major future conflict, he says, inevitably will involve cyber warfare that could knock out power, transport and banks, causing "massive" economic disruption.
But not everyone agrees that the military should or even can take on the job of shielding such networks. In fact, some in the private sector fear that shifting responsibility to the Pentagon is technologically difficult -- and could prove counterproductive.
For the moment, however, proponents of the change seem to have the upper hand. Their case has been helped by the recent emergence of Stuxnet, a malicious computer worm of unknown origin that attacks command modules for industrial equipment.
Experts describe the code as a first-of-its-kind guided cyber missile. Stuxnet has hit Iran especially hard, possibly slowing progress on Tehran's nuclear program, as well as causing problems elsewhere.
Stuxnet was a cyber shot heard around the world. Russia, China, Israel and other nations are racing to plug network gaps. They also are building digital arsenals of bits, bytes and logic bombs -- code designed to interfere with a computer's operation if a specific condition is met, according to experts inside and outside the U.S. government.
THE WORMS ARE COMING!
In some ways, the U.S. military-industrial complex -- as President Dwight Eisenhower called ties among policymakers, the armed forces and arms makers -- is turning into more of a military-cyber-intelligence mash-up.
The Pentagon's biggest suppliers -- including Lockheed Martin Corp, Boeing Co , Northrop Grumman Corp, BAE Systems Plc and Raytheon Co -- each have big and growing cyber-related product and service lines for a market that has been estimated at $80 billion to $140 billion a year worldwide, depending on how broadly it is defined.
U.S. officials have shown increasing concern about alleged Chinese and Russian penetrations of the electricity grid, which depends on the Internet to function. Beijing, at odds with the United States over Taiwan arms sales and other thorny issues, has "laced U.S. infrastructure with logic bombs," former National Security Council official Richard Clarke writes in his 2010 book "Cyber War," a charge China denies.
Such concerns explain the Pentagon's push to put civilian infrastructure under its wing by creating a cyber realm walled off from the rest of the Internet. It would feature "active" perimeter defenses, including intrusion monitoring and scanning technology, at its interface with the public Internet, much like the Pentagon's "dot.mil" domain with its more than 15,000 Defense Department networks.
If any other agency were to do this they would screw it up. The people in charge would take money and bow down to every Senator and Congressman. I think they will do a good job.fred5407 Report As Abusive
Cyberwar will expand the nuclear arms race — the computer- and software-destroying electromagnetic pulse race — more rapidly than anything else in recent history.
And even things like Stuxnet won’t succeed in stop nuclear expansion.
Despite the end of what was once called the Cold War, times are becoming increasingly dangerous.
Stuxnet might just as well have been the revenge by a disgruntled former Siemens employee. Because the control software is precisely tailored to the targeted industrial process, an expert in Siemens’s business must have been involved. The other aspects can potentially be covered by one or two hackers knowledgeable in Windows Explorer and USB driver weaknesses. To date, we have not even been able to ascertain the intended target. I am not sure whether the US Dept of Defense alone could accomplish the daunting feet of unraveling the full purpose of Stuxnet. Rather, understanding Stuxnet may take a concerted global community effort.
Read more here: