Computer Crime Research Center

Internet as Weapon
(By Chris Wallace)

C O L O R A D O S P R I N G S, Colo.

Intelligence experts worry that the next terrorist strike on the United States will be what they call a "swarming attack" a bombing or suicide hijacking combined with a hit on computers that will make it make tougher for law enforcement and emergency teams to respond.

To deal with such a threat, the Bush administration is finalizing a strategy to guard against cyberterrorism.

"It's much easier to do than building a weapon of mass destruction," said Richard Clarke, special White House adviser for cyberspace security. "Cyberattacks are a weapon of mass disruption, and they're a lot cheaper and easier."

What kind of damage using the Internet is possible? Clarke and other experts offered examples of what a skilled computer hacker could do, even from a computer on the other side of the world from the target: 1. Alter the software that controls phone service, shutting down communications for an entire region. 2. Open or close the switch on an electric power grid or the floodgates of a dam.

Testing the System

To get an idea of what terrorists could do to hamper an emergency response, ABCNEWS asked Innerwall, a Colorado Springs-based computer security consulting firm, to hack into a police department in a different state and see how much disruption it could cause.

Businesses hire Innerwall's computer wizards to find vulnerabilities in their systems before the real hackers do. Innerwall executive Vince Jordan says terrorists don't need much to do major damage.

"You could have somebody sitting in a cave someplace with a satellite uplink," said Jordan. "You could have somebody sitting in a hotel room with a broadband connection."

Holed up inside a room known as the "attack center," Innerwall's hackers targeted the Huntington Park, Calif., Police Department, located just outside Los Angeles. Police Chief Randy Narramore had installed what he believed was a "pretty high-tech" firewall to protect the department's computer system. He agreed to let Innerwall try to break in.

Chaos in a Police Department

The Innerwall hackers started their attack where a terrorist might surfing the Internet, searching for a way to get into police computers. They quickly managed to break into the department's system.

Once inside, the hackers built a map of a the network retrieving sensitive information about the computers they wanted to go after.

Then they launched the first assault: a fake e-mail from the chief of police to one of his detectives, Lt. Carl Heintz: "Carl, there is an emergency at city hall. Respond immediately to that location. [signed] Chief Narramore."

In his office, Heintz who knew that hackers would be testing the system, but did not know the exact time they would try was puzzled. "That's odd," he said. "From the chief? An emergency at City Hall?" He went down the hall to ask about the chief's message, but his colleagues had not heard anything about the alleged emergency.

In the meantime, the hackers had moved to phase two, sending the chief a fake response from his detective, with an attachment called a "Trojan horse." It was designed to target every computer in the department. However, the destructive program was blocked by the HPPD's virus-detection system and the chief was unable to open the attachment.

Back at Innerwall, the hackers tried another route. "We've got all kinds of messages going back and forth where the department really is not going to know what to do," Jordan, as he monitored the cyberattack.

Next, the Innerwall hackers sent an e-mail to all the computers in the e-mail system reading: "Your computer has been compromised. Do not close this window or your computer will be irreparably damaged. Please report to the 9-1-1- computer room immediately."

At the police department, the message appeared on every desktop. Detectives asked each other what was going on, and assembled in the computer room as instructed.

3Then, the hackers sent their last message, which popped up on every screen: "Innerwall has breached your security. Have a nice day."

The Verdict

Innerwall's technicians said the Huntington Park Police Department's computers are more secure than most they've seen. But if this had been a real attack? Said Jordan, "What we would probably have done is just knocked down all of the computers in the facility."

Huntington Park Police have added additional protective measures since the test.

Clarke, the White House cyberspace adviser, is not surprised by the results of the ABCNEWS test. He says the administration has set up "Red Teams" to try to break into government and private computers. The results, he said, are always the same:

"The Red Team always wins," Clarke said. "We always get inside and take control of your computer network."


Source: www.abcnews.go.com

Home | What's New | Articles | Links
Library | Staff | Contact Us

Copyright Computer Crime Research Center 2001, 2002 All Rights Reserved.
Contact the CCRC Office at 380-612-735-907
contacts@crime-research.org