From <@castle.riga.lv,@fgate.uucp,@fgate.castle.riga.lv,@fgate.uucp:harry@fgate.castle.riga.lv> Mon Jun 10 10:51:35 1996 Received: from wolf.riga.lv (wolf.riga.lv [194.8.12.90]) by suburbia.net (8.7.4/Proff-950810) with SMTP id KAA26017 for ; Mon, 10 Jun 1996 10:51:06 +1000 Received: from castle.riga.lv by wolf.riga.lv with SMTP id AA01438 (5.65.kiae-1 for ); Mon, 10 Jun 1996 03:43:37 +0300 Received: from fgate.UUCP by castle.riga.lv with UUCP id AA26397 (5.65.kiae-1 for Best-Of-Security@suburbia.Net); Mon, 10 Jun 1996 01:49:20 +0300 Received: by fgate.castle.riga.lv (UUPC/@ v6.14b, 06Mar95); id AA17176 Mon, 10 Jun 1996 03:48:52 +0200 Received: by fgate.castle.riga.lv (FIDO2UU 1.92e [DOS]); Mon, 10 Jun 1996 03:48:50 +0200 To: Best-Of-Security@suburbia.Net From: Harry Bush Message-Id: <31BB7F02@fgate.castle.riga.lv> Subject: Class III IW from Europe Continued Date: Mon, 10 Jun 1996 03:48:50 +0200 X-Mailer: SPRY Mail Version: 04.00.06.17 From: winn@Infowar.Com Subject: Class III IW from Europe Continued Lines: 123 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Class III InfoWar Part 2 Report from Europe FEEL FREE TO DISTRIBUTE WIDELY I am ostensibly on vacation with my wife and two children ages 11 & 5 : Here we are in Venice, Italy but I can't ignore what seems to be going on in England. American media does not appear to be following it. So here 's what is happening. Headline of June 9, 1996 Sunday Times in London reads: "Secret Inquiry into Cyber Terror." This is a follow-up of last Sundays story about alleged extortion attacks against British financial institutions using Trojan Horses and /or HERF Guns. According to today's article, the British government is holding secret investigations into the "attacks" for more than two years involving the Dept. of Trade and Industry (DTI), government communications headquarters (GCHQ), the Brits NSA, The Defence Research Agency (DRA), and the Bank of England. On June 8, the DTI issued a public statement which included : "We are very interested in the allegations of extortion directed at City of London institutions which were brought to our attention in 1994. We responded then by involving many government organizations ... so far we have not been presented with any hard evidence from victims. We would urge those threatened to come forward." DTI Director of Technical Affairs, David Hendon wrote a letter in May 1995 saying they took the extortion issue "Extremely seriously." The Times' reporter's say they have seen some of the evidence that was submitted to DTI and GCHQ which includes a chart on 46 of the attacks. According to the article DRA Senior Director, Professor David Parks, his agency is " especially interested in the "weaponry" deployed by the cyber terrorists." The Tmes continued : "The agency (DRA) believes high intensity radio frequency "HIRF" guns may have been used to black out trading positions in City finance houses. The weapon disables a computer by firing elctromagnetic radiation at it and is a "Black Programme" at the Defence Ministry, one of the highest security classification levels." In Dec. Of 1995, the DRA and Parks approached a company who specializes in information warfare and asked them to "arrange a demonstration of a portable HIRF weapon in Germany." The article further states that details on the HIRF systems and their use in the City of London have been compiled by a British computer magazine and are being passed onto government officials. ***** I have spoken to more than fifty media in the last week about this story: The comments range from "suspicious" of the British reports, "sounds psy -fi", "alarming", "scary" and the like. Even though I am on vacation (Ha!) I called a few of my expert friends for a sanity check and here is what we have to say. * The alleged software attacks mentioned in last weeks article are more likely the weapon than HERF/HIRF attacks that todays' article focuses on. * "Given the kind of systems they use and their connectivity, I can figure a hundred ways to do what the article say" one of my experts stated. * As for the HERF/HIRF we have worked out a number of models for a number for the attacks scenarios mentioned, but we have a targeting problem. A free-space (air) based attacked would create a wide dispersion pattern and likely have effected other organizations not just those specifically under attack. * A ground plane attack might cause the alleged results but requires more physical access to the facility. A few thoughts of the potential motivations: * Were the alleged attacks meant as a malicious Denial of Service (DNS) attack or as a profit scheme? * Were trading volumes and the stock prices of the alleged victims effected during the times in question? * Was internal profit taking an ulterior motive ? * I have to keep in mind if we give these stories credence, that over 50% of computer crimes involve insiders. According to my British friends, the Sunday Times is preparing even more on this story which will appear next Sunday - when I will be in London to get it back to you within minutes. So, the kids are fine. "Thanks for asking." My life is almost relaxed, and we are now headed into the Alps for a leisurely 8 hr drive and will spend the night at the Jungfrau. "Damn, it's raining. It will have to be beer and sauerkraut." In the meantime, contact betty@infowar.com at Interpact for comments and interviews. Back at your later! Winn Schwartau Peace Winn Winn Schwartau - Interpact, Inc. Information Warfare and InfoSec V: 813.393.6600 / F: 813.393.6361 Winn@InfoWar.Com --- GoldEd/2 3.00.Alpha1+ * Origin: Harry Bush, Harry@castle.riga.lv (2:51/2)