Cyberwar Will Threaten Telecommuters Livelyhood

Cybersecurity issues have been key to successful telecommuting practices. Recent developments in cyberwarfare make the issue even more important.

I’ve always had an interest in this topic because I used to teach a computer security course at the Department of Defense Computer Institute (DODCI) way back in the ’70s. As a spinoff from that teaching we were often asked to help government organizations identify weakness in their security precautions.

At the simplest level physical security can be a problem, and it definitely was back then because anti-war protester were bombing university and government computer centers. Asked by the Chief of Police (one of our Information Management For Senior Executives students) to take a look at the Washington DC police department’s computer center, a few days later dressed like an IBM rep and unannounced, I headed over there. I was astounded to find signs pointing the way to the basement computer center, a trash can propping open the cypher-lock door, and not a soul asked who I was. I tinkered inside the back of a few boxes, left a briefcase next to the big IBM 360 mainframe with a note in it that said, “Boom. Your computer center is wrecked!”, and then called the Chief to tell him about the little surprise I’d left. Said it might make for an interesting learning opportunity for his staff. Oh, it was.

At another level, social engineering can be used to penetrate systems. I picked some papers up off a manager’s desk while on a tour at the Army Personnel Center and used them to get seemingly innocuous information from people who worked there to break into their computer and create a highly decorated, fictitious Army major with a wife and three kids. His name, of course, was Major Major; so he was, during his brief career, Major Major Major like the character in Joseph Heller’s Catch 22. Today social engineering takes the form of free virus scans for your computer, which, naturally, are used to plant malware such as net-bots in your computer, not remove them.

But there’s a broader level of security problem that could threaten the livelihood of teleworkers: cyberwarfare. If Israel bombs a target in Syria it doesn’t effect us here in the US directly, or if there a fight between Russia and neighboring Georgia it doesn’t disrupt business as usual here. But it could. When terrorists attacked New York and Washington on 9/11 power and communications around the country continued to operate, freelancers and telecommuters continued to work albeit in a state of shock. But the whole rationale for telework as a continuity of operations strategy gets knocked into a cocked hat if our power networks are shut down.

What if the 9/11 had been a cyber attack? It’s not as outlandish a possibility as you may think.

The first major use of cyber warfare, at least the first that gained widespread notoriety, was when Israel bombed a target in Syria in 2007. The fighter-bombers entered and left Syrian airspace, one of the densest anti-aircraft defense environments in the world, without a shot being fired. How? Israel managed to spoof the Syrian anti-air command and control network—a sophisticated system they’d bought from the Russians.

Then 2008 Russia attacked Georgia with combined conventional weaponry and 21st century cyber-attacks. Sure, you say, but those were sophisticated military operations, nothing to do with my world. Don’t be so sure.

High school kids recruited (and armed with downloadable software weapons) through Facebook, Twitter, and other social networks devoted to dating, hobbies, and politics played a major role in the strategic economic impact of the cyber attacks. Microsoft plowshares were hammered into cyber-swords and again Facebook and Twitter were used by hackers to coordinate attacks on network-based power, oil, and gas targets in Georgia. Georgian filters to block Russian IP addresses were useless because attacks were launched from websites in other countries, paid for with credit cards stolen from Americans. Russian and Turkish servers used in the attacks were known to have been used previously by cyber-criminal organizations.

According to a recent Aviation Week and Space Technology article (Sept 14, 2009, pg 54-55) Russian criminal organizations were also drafted for the effort and they target Georgian financial institutions. In fact, paramilitary organizations here and around the world are hard at work trying out vulnerabilities in social-networking and other software.

Interestingly, according to a report by the U.S. Cyber Consequences Unit (US-CCU), one surprising finding was “how quickly a common citizen can be transformed into a foot soldier in a cyber conflict . . . Patriotic rhetoric on social-networking forums was instrumental in recruitment of individuals into a cyber-army, which was needed to carry out the disruptive attacks on Georgian targets. This has shifted the role of the soldier onto the shoulders of civilians. [Moreover] cyber-attacks via civilian proxy allow for plausible [Russian government] deniability.” Initially, eleven sites were targets, but the efforts were so productive that another 43 were shut down or defaced. One successful attack was so simple that an army of computers did nothing more than send a barrage of request for random, non-existent web pages. bringing the servers to their knees searching for the bogus pages.

One crafty counter-attack application, posted on a Russian website by the Georgians, pleaded with Russian sympathizers to attack 19 Georgian websites—but the targets were actually Russian sites. More insidious for the long run, civilian, criminal, and military forces on both sides undoubtedly took to heart Che Quevera’s dictum, “Where there is confusion there is opportunity,” and all left behind spyware, time bombs and back door access points for later use.

The Pentagon announced in April that they’d spent $100 million in the last six months to repair damage from cyber attacaks. So, while telecommuting can be an effective continuity of operations strategy to combat traffic, weather, health and other threats, cyber warfare can–like conventional warfare–have a major impact on your operation. The difference is that it can come from a world away. The next surprise terrorist attack on the US may not involve crashing airplanes in to office buildings. It could involve cyber attacks on our power and communications networks.

When the lights go out, you’re out of business.