As I mentioned the other day
, a highly contagious worm played havoc with South Korea. Fortunately, the worm had a basic weakness -- it propogated itself through an obscure port
. All that was necessary to frustrate the virus was to block that port. What I didn't know at the time I first posted about it, however, was that the virus also disrupted service for 15,000 Bank of America ATMs and played havoc with the computer systems for Continental Airlines.
Bush's nightmare scenario would be for a foreign power like Iraq to get ahold of some sufficiently dangerous weapon (nuclear, chemical, biological), invade another country, and then threaten to use that weapon if they were attacked. However, very few countries could really threaten the U.S. mainland currently (short of using operatives to bring such a weapon into our country) because their missile technology is lacking.
However, with viruses, worms, and the like, any country could attack the U.S. You could even design viruses, worms, DDOS attacks, etc. to specifically target the United States and its allies. The basic material for making these weapons is freely available on the Internet (as they should be)
created primarily by teenagers in their spare time, and usually designed to not be destructive.
So, what would happen if a country like Iraq had just a handful of people working full-time on such weapons? After all, they know that the U.S. are willing to use computer viruses against them... and in fact already have. In 1990, prior to the Gulf War, the U.S. infected Iraq with viruses that spread all over the networks in Iraq -- by the time the allied forces' bombers arrived over Baghdad, communication networks and air defense networks had been paralyzed.
Can we *really* expect Iraq not to conduct both a defensive and
offensive cyberwar? Such a war would not need to be launched from Iraq, either -- anywhere in the world with a net connection would do. Even if by some miracle Iraq does not have at least one smart person working on computer viruses, he *does* have allies and sympathizers around the world. Melhacker
, a pro-Iraq hacker responsible for several major viruses in the past, has apparently designed a megavirus which is he threatening to use
if the U.S. launches a war on Iraq.
Bush knows that there is a huge threat of the Internet being attacked, of course. He knows how much it can effect society and cost businesses. He may not care, however, in that a major virus attack on the U.S. could serve his purposes. It could especially be used to justify some of the government's extreme plans for creating a more "secure" Internet architecture.
Clinton pushed hard for the Clipper chip -- essentially, a government backdoor hardwired into your computer. Fortunately, the idea was defeated. However, Microsoft and Intel's Palladium / Trusted Computing Platform Alliance
would also design a backdoor into your computer -- one that, yes, might make you somewhat less vulnerable to viruses, but one that could also do numerous other things, such as prevent you from playing MP3's, delete unregistered software from your computer...
and, potentially, give the government a backdoor into your computer.
The idea for Paladium was originally released as a paper called A Secure and Reliable Bootstrap Architecture
, principally drafted by Bill Arbough. His former employer? The NSA
. (He was a Senior Computer Scientist in their R&D division for eight years, and then a senior technical advisor.)
Just imagine how much more "useful" the concept of Total Information Awareness
would be if your own computer was one of the databases that could be searched for the government to find its enemies...