Computerworld - If history is a guide, any Bush administration plan to remove Saddam Hussein from power in Iraq would likely set off a firestorm of hacker activity targeting U.S. networks and infrastructure. And those attacks could be greater in number and affect a broader cross-section of U.S. businesses than anything seen before, according to intelligence experts.
Surges in cyberattack activity have typically accompanied major international crises during the last several years, including the Arab-Israeli conflict, the war in Kosovo and the collision of a U.S. spy plane with a Chinese fighter jet over the South China Sea last year (see story).
However, any significant expansion of the U.S.-led war against terrorism, including an invasion of Iraq, could unleash an unprecedented wave of hacker activity, intelligence and security experts said.
Eric Shaw, a former psychological profiler at the CIA, said he will be watching for increases in activity from specific threat groups.
"Islamic hacking groups have been uniting over the India-Pakistan and Israeli-Palestine [conflicts] and they are traditionally Iraq supporters and anti-U.S. and anti-Israel," said Shaw, who now works as a cybersecurity consultant at Stroz Associates LLC in New York.
A second group includes a mixture of U.S. and European-based antiwar hackers, said Shaw. "Think about [groups] of young, liberal, elite, Western-educated youth [coming out] against the war. It would be a lot smaller than the Vietnam generation but could still be potent," he said.
Moreover, a ground war in Iraq could spur other governments in the region to launch sophisticated state-sponsored information warfare campaigns. That's the conclusion of a study published two weeks after the Sept. 11 attacks by the Institute for Security Technology Studies at Dartmouth College.
Ruth David, former director of science and technology at the CIA and now CEO of Analytic Services Inc. in Arlington, Va., said an orchestrated attack exploiting well-known vulnerabilities could be launched with little regard for precise targeting, and could cause significant disruption and financial loss to the "softest targets," the bulk of which are in the private sector.
"Ironically, a serious attack of this type may engender even greater public support for any military action under way and is unlikely to seriously impede our ability to achieve military objectives," said David.
The Bush administration has formally stated that it is the policy of the U.S. to respond to cyberattacks by any means appropriate, including military action.
"Such an attack could significantly debilitate U.S. and allied information networks," the Dartmouth study concluded. That report was written under the guidance of Michael Vatis, a former director of the FBI's National Infrastructure Protection Center.
The real change
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts