From <@castle.riga.lv,@fgate.uucp,@fgate.castle.riga.lv,@fgate.uucp:harry@fgate.castle.riga.lv> Sun Jun 2 19:58:44 1996 Received: from wolf.riga.lv (wolf.riga.lv [194.8.12.90]) by suburbia.net (8.7.4/Proff-950810) with SMTP id TAA26637 for ; Sun, 2 Jun 1996 19:58:29 +1000 Received: from castle.riga.lv by wolf.riga.lv with SMTP id AA01925 (5.65.kiae-1 for ); Sun, 2 Jun 1996 12:38:32 +0300 Received: from fgate.UUCP by castle.riga.lv with UUCP id AA02981 (5.65.kiae-1 for Best-Of-Security@suburbia.Net); Sun, 2 Jun 1996 10:42:23 +0300 Received: by fgate.castle.riga.lv (UUPC/@ v6.14b, 06Mar95); id AA17176 Sun, 2 Jun 1996 12:42:06 +0200 Received: by fgate.castle.riga.lv (FIDO2UU 1.92e [DOS]); Sun, 2 Jun 1996 12:42:04 +0200 Return-Receipt-To: harry@fgate.castle.riga.lv To: Best-Of-Security@suburbia.Net From: Harry Bush Message-Id: <31B16FFC@fgate.castle.riga.lv> Subject: Class III InfoWar Date: Sun, 2 Jun 1996 12:42:04 +0200 Lines: 116 Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit * From Area: Harry_Netmail (Harry netmail area) Date: Sat, 1 Jun 1996 21:33:01 -0400 Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit >From: winn@Infowar.Com Subject: Class III InfoWar X-Mailer: SPRY Mail Version: 04.00.06.17 Feel Free To Distribute Widely: Class III Information Warfare: Has It Begun? The June 2, 1996 Sunday Times from London front page headline reads: "City Surrenders to L400 million Gangs" And HERF Guns, Electromagnetic Pulses and sophisticated logic bombs may be responsible. At InfoWarCon II, Montreal Canada, I made reference to investigations I was conducting regarding concerted and organized attacks on up to 43 financial institutions in Europe and the US; an example of Class III Information Warfare. This issue of London Sunday Times brings a glimpse of the story that will eventually be told. The first attack in my files dates to January 6, 1993. A trading house in London was blackmailed into paying L10million to unknown extortionists who demonstrated they could crash the company's computers at will. The next incident in the Times article is also in my files: January 14, 1993 where similar demonstrations and demands were made for this time L12.5Million. And so is the next, January 29, 1993 and another L10Million siphoned off by the bad guys. According to my figures and those in the Times article, hundreds of millions of pounds have been paid ransom in what is clearly an example of Class III Information Warfare. According to officials in Washington, Whitehall, London, City of London Police, the National Security Agency, Kroll Associates, Bank of England and others (in the article) the threats are credible. The attackers have the clear ability to bring trading and financial operations to a halt - exactly when they say they will. "Banks, brokerage firms and investment houses in America have also secretly paid ransom to prevent costly computer meltdowns and a collapse in the confidence among their customers," sources said in the article. The article discussed the advanced information warfare techniques used by the perpetrators. "According to the American National Security Agency (NSA), they have penetrated computer systems using 'logic bombs' (coded devices that can be remotely detonated), electromagnetic pulses and 'high emission radio frequency guns' which blow a devastating electronic 'wind' through the computer systems." [For a complete description of HERF Guns (coined by Schwartau in 1990), see "Information Warfare: Chaos on the Electronic Superhighway," Thunders Mouth Press, 1994] The perpetrators have also left encrypted messages, apparently bypassing the highest security levels of the systems, leaving messages such as "Now do you believe we can destroy your computers?" The NSA and other officials believe that four gangs are involved; probably one from the US and probably one from Russia. But, because the crimes are international, national borders still prevail, making investigation more difficult. Investigations and official inquiries have been in progress for some time according to the article. Now, for a few things you will not see in the articlem, but will hopefully [if I am lucky] come out in the near future. The number of attacks is way above 40. They have been known about for almost three years, but only recently have people been willing to come out of the closet and discuss this highly sensitive issue with the media. Long briefs and analyses of these events have been submitted to high level officials and select business persons for at least a year, but to no avail. [Security by obscurity reigns all too often.] Banking is not the only industry that has been attacked and the attacks have been spread around Europe as well as Australia. As an industry many of us have said that the only way something will really be done is if we experience a Computer Chernobyl [Peter Neumann Phrase as I recall] or as I first said in Congressional Testimony, An Electronic Pearl Harbor. Are these events the harbinger of strong reaction by the community at large? As events unfold and more information is permitted to be disseminated over the next few days and weeks, we will see. We have essentially solved the issues of confidentiality and integrity. But, I have maintained that the real problem is going to be Denial of Service. These events are unfortunate, but clear examples of that reality. A Bank of England official also said of the incidents, "it is not the biggest issue in the banking market." Hmmm. I have to think about that. Peace Winn Winn Schwartau - Interpact, Inc. Information Warfare and InfoSec V: 813.393.6600 / F: 813.393.6361 Winn@InfoWar.Com --- GoldEd/2 3.00.Alpha1+ * Origin: Harry Bush, Harry@castle.riga.lv (2:51/2)