Prev: Re: space mirrors Next: Re: [erm] space mirrors

Re: [GZG] [HIST] Military Hackers

From: Thomas Barclay <Thomas.Barclay@s...>
Date: Sat, 31 Oct 1998 15:14:35 -0500
Subject: Re: [GZG] [HIST] Military Hackers

Allan spake thusly upon matters weighty: 
> Things do change when you attack a single economic sector or country.
Attack a
> sector and all companies in that sector are adversely affected. Look
at what
> happened to ALL mining stock in the wake of Bre-X. Likewise, collapse
the US
> economy and a lot of countries are going to hurt, including Germany
and Japan,
> because of the amount of investment made by those countries in US
currency.
> 
> If you know what you're doing, though, you can make a killing if you
have
> inside knowledge as to what is going to happen.

Risky. NOBODY understands the markets very well (otherwise 
computerized trading would be much more successful). Screwing one 
sector can affect all sorts of things you didn't expect. You can make 
money, but you could cause a collapse, or even get screwed in other 
sectors unexpectedly. This is russian Roullette in the computer 
age...
 
> Depends on HOW limited. In the wake of the Oklahoma bombing, the US
dollar
> dipped. Investors like nice, stable countries. Usually they see the US
as
> that, but if they think the US was about to plunge into a race war, or
a war
> against anti-government militias, the US dollar would suffer.

Sure, and I'll bet all sorts of unforseen events occur. 

Just look at the analysts backpedalling from previous comments on 
asia and the impact problems in asia (the other side of the globe) 
which really have little DIRECT impact on us, have had on our stocks 
of our major companies, blue chip and lots of smaller businesses. 
This was not something one would expect since their problem is mostly 
confined to their own sphere. But everything is interlinked, and in 
the GZG world moreso. I can see someone trying this and I can see it 
working. I can see someone trying this and causing a global problem 
that makes them a lot of enemies. Governements don't usually sanction 
such potentially risky manoevring (the smart ones). But small groups 
and radicals could well try this viewing it as acceptable risks.  

> So, what if you sell US dollar futures (I'm not sure you CAN do this,
I don't
> know THAT much about the stock and money markets), hoping to buy them
at a
> later date. Then, you detonate a bomb some place nice and nasty. Oh,
and make
> the bomb a low-yield nuke. The US dollar collapses, you buy dollars to
make up
> for those you sold on spec, and you make a killing. By the way, you're
a
> terrorist organization. You've just hurt the US economy and made a
good chunk
> of change yourself. 

And the first one of these that can actually be tracked an proven 
will result in a response that will wipe out that terrorist 
organization from the face of the earth and from racial memory. Mind 
you, it is hard to catch people. 
 
> Info war isn't going to be large scale. It's going to be micro scale.
It will
> be plausibly deniable info warriors taking out a corporation in order
for a
> domestic rival to take advantage.

That happens now. 

 It could be VERY easy to do. Shell petroleum
> is, I believe, a Dutch company. What happens if Exxon has another
major spill
> on its hands (this time, due to an implanted computer glitch fouling
up the
> tanker's radar). Suddenly the Dutch Shell corporation gets benefits
from
> Exxon's damage (of course, this kind of thing could affect the entire
> petroleum sector, so you'd have to tread lightly). That's just a gross
> example. I think info war will be FAR more pervasive than conventional
war,
> and far less damaging or noticable. It could even go on between
companies
> owned by allies without a negative effect being seen at the political
level.

I think you underrate the risk factors. And the steps people are now 
taking in infosec and in pursuit measures against such attempts 
(technical, legal, and unconventional). I think Infowar will be 
another kind of SF warfare and will be as risky for the operators 
because (as you said) it is easy to damage things, so it can be 
assumed that efforts to counter this will be deployed that make it 
VERY risky. Either that or people are asking for the accidental 
collapse of economic systems, which I don't think that anyone in 2185 
is demonstrating...
 
> >Can you imagine what the US would
> >have done if the Iraqis had driven one of those missing Soviet
tac-nukes
> >(they've lost hundreds - we have a friend who plays SG2 with us at
> >conventions who is part of the US Special Forces;  he's a NBC
specialist,
> >and is one of the people who goes after things like anthrax bombs
mailed to
> >the President and missing Russian nukes - interesting stories!) into
Riyad
> >and set it off...  Bagdad would be a smoking glassy hole in the
desert.
> 
> Very good point. On the other hand, if Iraqi hackers had destroyed the
Bank of
> America's assets due to some nasty hacking attacks, it would be hard
to
> justify nuking Baghdad as a response...

Would it? If it was proven Saddam was responsible for destroying the 
economic base of a country? I think the grass roots rage would not 
result in a nuke, but bagdad would be flat in either case (1000 
conventional bombs are just about as good as a small nuke....)
 
> >Attacking an economy like that is an extremely personal way of making
war -
> >if you collapse a bank by mistake, all the thousands of customers
will
> >become ardent supporters of bombing you into the stoneage if somebody
finds
> >out how it was done.  
> 
> I disagree. There's a definite level of escalation. You won't be able
to make
> the case on the international scene that nuking someone was justified
because
> one of your banks was collapsed. 

I disagree here. I suspect gross economic dislocation would well 
merit 
1) causus belli
and 
2) UNSC Information Security Directorate (UNISD) Intervention. 

This is the same as killing those US marines
> in Lebanon didn't justify nuking anyone.

But reprisals were mounted. And that wasn't destroying a countries 
economy which admittedly is the Infowar extremum, but that would 
probably have resulted in a serious response. Especially from more 
touchy countries than the US. USA don't like bodies, but they don't 
react like FSE or the ESU would....

 It's a question of scale. Hurting
> someone economically still isn't the same as taking a life, and you'd
be hard
> pressed to use the world's most feared weapons on a country that
didn't kill a
> single soul in your country.

True. But you also have unconventional warfare means (assassinations 
and such), precison ordinance (low collateral damage, high material 
cost damage), your own infowar guys, embargos, sanctions, etc. 

And if mass economic disruption was caused, it would kill lots of 
people indirectly and that would merit a general response. Nuking... 
only if someone real ideological and pissed off had the red button... 
but otherwise a huge conventional response, possibly air strikes 
followed by an invasion. 
 
> Besides, you're also assuming that you can PROVE who did it... What if
Islamic
> Jihad started to put together a group of hackers, then moved them all
over the
> world, how would a nation retaliate with force? Info war gives
individuals
> unparalleled capabilities against the state. A hacker can't do
anything about
> an Abrams tank on the street outside his house, but he could certainly
do
> nasty damage to a nation's economy. What do you do when that person is
living
> in your country? Or even a citizen of your country? Military might as
a
> response goes out the window.

You are also selling short our ability to pursue these individuals, 
which is growing legislatively, organizationally, and technically by 
the day. I see the other side of the spectrum at work, and I think 
the hackers of the next decade had better be gosh darned good or they 
are in for a world of hurt. 

Think about this: What if every Telco switch was well defended and 
loaded with audit logs? Backtracking hackers becomes much easier. 
What if active defenders (anti-hackers) were employed by the Telcos 
in large numbers, aided by state of the art supercomputers, AI 
systems, neural nets, etc. custom designed for intrusion 
countermeasures? We are vulnerable today to this in a similar way to 
which tanks of today suck vs. top attack missiles. In the future, 
you'll find, that we may well have redressed this imbalance and maybe 
tipped it the other way to make a hackers life very difficult. Its 
just that for a long time, the bad guys were aware of this tech, and 
no one knew about the risks. We are very gradually awakening. If USA, 
Japan, etc. devote the resources in corporate and public manners, 
backed up with legislative powers, the hackers will start to hurt 
real bad. I'm sorry, but I don't think even a well equipped hacker 
with a Sparc 1000 and a lot of hacker-info can stand up to a team of 
10 anti-hackers with several supercomputers and millions of hours of 
custom designed anti-hacker software. The numbers just don't match 
up. And I think we are swinging toward the defensive side of this 
balance now.... slowly.... soooo verryyyy sloooowly.... But by 2185, 
this won't be an issue (of course, the till-then history should 
include several cases of huge infowar successes/disasters to get to 
that point). 

> >Just a thought.
> 
> And some very good ones, too. 

Hope I'm contributing..... more than just noise...
 
> I'm not sure if any of this can be used in a SG2 or DS2 game, but it's
> certainly food for thought. I would roll it into a campaign system for
SG2,
> DS2, or FT, though. Imagine building a superdreadnought, only to have
all work
> stopped on it because of a hacking attempt that collapses the NAC's
economy...
> 
> Hmmm, I kind of like that idea...

This relates dirctly to the universe in campaign games. View it as a 
strategic level SG2 EW marker. It could have a lot to do with 
blocking reinforcements, messing up orders, messing up production 
schedules, gaining intelligence, inserting false intelligence, etc. 
If you are playing a campaign game, this has to be considered.	

 
/************************************************
Thomas Barclay		     
Voice: (613) 831-2018 x 4009
Fax: (613) 831-8255

 "C makes it easy to shoot yourself in the foot.  C++ makes
 it harder, but when you do, it blows away your whole leg."
 -Bjarne Stroustrup
**************************************************/


Prev: Re: space mirrors Next: Re: [erm] space mirrors