June 18, 1996

Article at The Age

FEATURE | Welcome to the online frontline

The United States is at war. So is Australia. But no declaration has been made. Wilson da Silva discovers we are engaged in the infowar.

THE United States and Australia are under attack. According to a report presented to the US Congress last month, US defence computers were the targets of computer hackers 250,000 times last year, and it is estimated that 65 per cent of attacks were successful. Only 4 per cent were detected, and less than a third of these were actually reported to superiors.

Australian defence computers are also under attack. Defence security experts in Australia admit as much, although they don’t directly say so.

Although Australian defence installations are unlikely to be such a “honeypot” for hackers as military centres such as the Pentagon, attacks do occur, and the best and brightest computer minds in the Australian military are being called in to battle them. 

Welcome to the Age of infoWar. In this seemingly invisible form of warfare, blood is not spilled on the battlefield: the enemy achieves the same aims without a single shot being fired. They disrupt air-traffic control, confuse radar systems, jam banking networks, or crash a country’s Internet.

It has dawned on defence officials that they have no way of knowing whether a hacker is just a hotshot Netsurfer - or the agent of an unfriendly foreign power.

They may be able to trace a hacker’s actions back a number of Internet nodes around the world, but any hacker worth their salt will make sure the trail goes cold - preferably in a country far from them.

Something else has occurred to the defence experts: if teenagers can crack military computers using software freely available on scores of computer bulletin boards, using strategies freely discussed on Internet newsgroups - wouldn’t a professional military outfit be capable of much more? “It doesn’t take a lot to generate an attack which can inflict a lot of damage,” says Dr Brian Billard, chief of military computing systems at the Adelaide labs of the Defence Science and Technology Organisation (DSTO).

“It’s not like a nuclear capability; you don’t need lots of money and an intensive program. It’s relatively easy to mount a successful attack. And they don’t have to be countries - they can be sectional interests such as organised crime,” he told Computer Age.

Billard and an increasing number of military thinkers in the West are realising that they are sitting ducks when it comes to information warfare. With good communications networks and a sophisticated economy reliant on technology, industrialised countries such as Australia are prime targets.

And they are wide open. While we spend billions patrolling our seas and skies against incursions, our “datasphere” is unprotected.

Hackers - whether spies, criminals or just joyriders - can dial into computer networks in Australia, steal information or bring down civilian systems, and disrupt military operations.

Our “data borders” are unpatrolled. There is no defence of the electronic realm.

“The fact is, warfare no longer occupies a four-dimensional environment of air, land, sea and space. Information operations introduces a fifth dimension of warfare,” US Air Force vice-chief of staff, General Thomas Moorman, told a Canberra defence conference last week.

The good general should know: between March and April 1994, the air force’s premier command and control research facility, the Rome Laboratory in New York, detected a volley of unauthorised incursions emanating from the Internet.

More than 150 attacks were detected. The attackers fired off software weapons such as “Trojan horses” and “sniffers” to access and control Rome’s operational network.

The Trojans, or virus-like sub-programs, are designed to attach themselves to legitimate users, then open up a trail behind them so the hackers can follow. The sniffers park inside computers and suck passwords from legitimate users as they log on, passing them on to the hackers.

Using these relatively common hacker techniques, the intruders were able to seize control of the lab’s computers for several days, and establish unauthorised links to US and overseas Net sites, and hack into other systems.

They copied and downloaded critical information such as air-tasking orders - messages US commanders use during wartime to transmit battle tactics, intelligence, and targeting information to pilots and other weapons-systems operators.

They also covered their tracks. Three days into the attack, air force computing staff realised what was happening and tried to trace the intruders. They weaved their way back through commercial Internet sites on the US east and west coasts, and through several telephone switches in South America, before ending up in Britain.

There, the trail went cold. A post-mortem established there were two intruders; but no one knows where they came from nor what they did with the sensitive military information they were able to steal. In the meantime, the US Air Force spent $625,000 hunting down the Trojans and sniffers in the bowels of their computers and restoring network security.

“Had they decided, as a skilled attacker most certainly will, to bring down the network immediately after the intrusion, we would have been powerless to stop them,” an official report into the incident admitted.

No one knows for sure how much sensitive information was stolen. The air force does know one thing: the air tasking system they spent three years and $4 million developing is now likely to be compromised.

This is one of the many attacks against US military establishments documented in the past few years.

THE US military has more than two million computers, 10,000 local networks and 100 long-distance networks. In the past few years, the US Defence Information Systems Agency has launched 38,000 attacks against the military’s own computers, using software and strategies commonly available on the Internet.

Sixty-five per cent of the time, the military hackers gained access. Of the 24,700 successful intrusions, only 988 were detected. Most didn’t like admitting they had been breached: only 267 were reported.

Much the same may be occurring in Australia. But you won’t hear it from the military. While they admit they are just as vulnerable - in some cases, more so - they clam up when asked if they’ve ever been attacked.

Researchers consider that the concern over information warfare is that it gives small nations as much firepower as large ones. Military strategists point a fearful finger at the Third World, at drug cartels, the Mafia, at any number of groups who may have the motivation to do harm and who possess some computer nous.

The US National Security Agency estimates that at least 120 countries have established computer attack capabilities.

Roughly 60 per cent of doctorates granted by US universities in computer science and security are awarded to foreigners. Two-thirds of those successful candidates are from Islamic countries or India.

“Sophisticated countries like Australia are the ones that are going to be targeted,” says Billard. “At what point do we consider our national sovereignty under attack? And what is the appropriate response? Do we use the same strategies in retaliation?

“There are a whole raft of problems we have to consider,” he said.

But the threat isn’t illusory: on Friday, the DSTO opened a new laboratory in Canberra with a charter to tackle command and control security and develop information warfare strategies.

It is part of Project Takari, a 15-year program established by the DSTO that will involve 250 scientists, and continue into the year 2010.

These technologies can be used to hobble an enemy - albeit one with some level of electronic sophistication.

“Information warfare is a fast-emerging arena which has the potential to turn the tide of conflict without firing a shot,” General Moorman said.

“Intrusion into data links, databases and local-area networks can significantly inhibit an adversary’s ability to plan, execute and coordinate military operations.”

Dr Warren Harch, research leader of the “infoWar” lab, was reluctant to discuss the kind of detection and protection strategies to be pursued. Asked if the information warfare research was just aimed at defending Australia against incursion, or also aimed at developing offensive capabilities against an enemy, he was cagey.

“That’s something I can’t really talk about, other than to say that we’re interested,” he said.

COMPUTER ATTACKS ON DEFENCE

  • Attacks: 38,000
  • Blocked: 13,300 (35%)
  • Detected: 988 (4%)
  • Undetected: 23,712 (96%)
  • Reported: 267 (27%)
  • Not reported: 721 (73%)