In novelist William Gibson's pioneering 'Neuromancer' cyberspace trilogy, corporations had a formidable arsenal to use against computer hackers. An attack could be detected
In novelist William Gibson's pioneering "Neuromancer" cyberspace
trilogy, corporations had a formidable arsenal to use against computer
hackers. An attack could be detected immediately, with painful and
sometimes deadly neurological feedback zapped at the intruder through his
computer. Military computer systems in Gibson's world were so well
protected that any digital attack would amount to a suicide run.
Our real world, 15 years after that first Gibson novel, finds U.S. government systems threadbare and technologically vulnerable to intrusion. Imagine an elephant trying to fend off a few tigers while simultaneously being attacked by a swarm of biting flies and you'll have a grasp of the problem.
Every year, thousands of break-in attempts are directed against government computer systems. The Defense Department is the target of choice. Most of the attacks on government Web sites are the digital equivalent of spray paint on a billboard, but the electronic graffiti has hidden more coordinated efforts. The most troubling of these was an attack dubbed "Moonlight Maze" that probably began late last year and continued through May of this year.
The Moonlight Maze attack was enormous. Federal officials said that the intruders systematically ransacked hundreds of essential but unclassified computer networks used by the Pentagon, the Energy Department, NASA, defense contractors and several universities. A lot of technical defense research was illegally downloaded and transferred to Russia.
The campaign exposed the vulnerabilities of government computer systems: Attacks can go undetected for weeks or months; just figuring out what the attackers damaged or stole can take that long or longer. Officials still don't know whether the hackers established some sort of electronic backdoor, giving them access at a later date.
This is extremely serious stuff. Consider the following exchange earlier this year between members of Congress and Michael Jacobs, deputy director and information systems administrator for the National Security Agency.
Jacobs: "The technology is there to allow a sophisticated adversary to do this kind of work, but our ability to see them do it is very, very limited."
Question: "So, what you're saying is . . . we don't really know the extent of intelligence attacks or the success of the intelligence attacks?"
Jacobs: "That's correct. We do not know."
The nation's reliance on an increasingly interrelated and interdependent electronic network demands a credible defense. Achieving that goal will be one of the most important challenges of the Information Age.