WAR ON CYBER TERRORISM

by BERNARD A HODSON

In last month's article I outlined one of the approaches that can be used to deny access to computer code for virus and worm generators, hackers and other nefarious individuals. Without access they cannot carry out their anti-social activity and the architecture outlined in A New Type of Computing denies them all access. The approach proposed last month is workable but involves a significant move within the IT industry and is unlikely to be initiated in the short term, notwithstanding the current cost to the industry of $46B annually and still growing. I believe the approach I suggested could become an industry standard but will take from three to five years to get to that point. In the meantime the industry has to do something other than create the patchwork quilt that our software "old ladies" are thrusting monthly on the computer scene, causing a tremendous amount of confusion to business groups and individuals plagued by these cyber terrorists.

Our current attempts to thwart the cyber terrorists are pathetic. We have dozens of companies developing firewalls, other dozens developing anti virus and worm software, yet other dozens finding security flaws in Windows and other gigantic operating systems, with dozens of patches going out every month to remedy what should not have been there in the first place. Users are totally overwhelmed with everything being thrust at them willy-nilly; they are sick and tired of being told repeatedly that this or that software is the best there is to prevent the problems, often to be told a few weeks later that the cyber terrorists have bypassed the "so called" solution offered as last month's cure-all.

Just as the world's terrorist groups are divided into many factions so too are the cyber terrorists. We are up against a whole array of different segments. Hackers tend to be individuals or small groups, the same with virus and worm generators. Identity thieves are larger and more insidious and sophisticated with their scanning cameras, their stealing of mailing lists and sending of supposed bank letters asking the unwise to send their account information and other data because they are investigating fraud or have a software upgrade they are checking out, or other similar lies. While not specifically terrorists I include spammers in the category of groups we have to fight as they alone are costing the IT industry $30B annually and rising. We also have the possibility of the non-cyber terrorists including cyber terrorism in their arsenal of weapons to cause chaos in various industries.

What I suggest in this article is that we organise a worldwide operation to fight cyber terrorism prior to the industry moving to a new type of computing which offers the IT industry the security it needs so desperately. I am prepared to coordinate this initially, if there is sufficient interest, in cooperation with the readers of this newsletter.

This newsletter circulates worldwide and I would propose that small groups be established in each country reached by this newsletter. Initially I suggest that any reader interested in doing something positive about the situation contact me at bernard@genetix.ca.

Depending on the number of replies I will put each country's volunteers in touch with one another and they can appoint two liaison persons, preferably one to handle the civil side, a second to handle the national security side of things. These groups will then work together to develop the best warfare strategy. I would expect the groups to propose different strategies to combat cyber terror, which can be evaluated by the world group and then the best suggestions be put into practice.

For spammers I would expect us to play them at their own game. We would organise a worldwide flood of emails directed at the spamming organisations, which hopefully would give them the message that we do not want their intrusion from "often stolen" email lists.

Hackers, worm and virus generators are somewhat more difficult to identify, as is their product. By group discussion we might come up with reasonable and workable solutions to the problem. They are also guilty of unlawful intrusion which has to start somewhere. Perhaps some enterprising member of our proposed group can identify what we might call the initial DNA which led to the virus and worm proliferation.

Identity thieves are more organised but it should be possible to identify the chief perpetrators and liaise with the country's law enforcement agencies to diminish or eliminate their activity.

It should not be lightly taken that a worldwide group such as this could itself become the target of some of these cyber terrorists, along with all the publications that have the guts to publicise this proposal.

Whether or not you wish to become part of such a group many of you will have ideas of how to combat this cyber terrorism. If you care to send your ideas along we can develop an "anti cyber terror" document for circulation among readers, who can then vote on what they consider the best strategies for immediate implementation.

The group could also play a useful role in developing a strategy for the IT industry to develop plans, strategies and timetables for the industry to move to a new type of computing.

I also think it would be useful, if not available elsewhere, to develop a document outlining some of the security issues we have to look out for. If there is such a document please advise me so that I can see if it is sufficient or should be augmented. Again I am willing to coordinate the development of such a document initially. I would like to hear from readers what should be in such a document but for starters suggest some questions that might be addressed. In many cases readers will suggest questions and answers, in other cases raise questions that other readers will answer. So here are a few questions that could be posed for reader response.

Q. Fingerprint scans are used as a security check. What happens if a photocopy (in black and white or colour), or a hacked off finger, is used instead of the actual live fingerprint? Is it detectable?

Q. Iris scans are used as a security check. What happens with different contact lenses?

Q. Iris scans are used as a security check. Could a coloured photocopy be used to negate the check?

Q. If the new type of computing is accepted by industry, or even if not, is there any way (undetected by the thieves) to signal that this is a criminal enforcement?

Q. If national identity cards are used there must be a mechanism to update the card with changes (e.g. marital status and name change). What can be done to guarantee that the right card is being altered and that the information entered is correct?

Again I value the reader's input on whether such a document would be useful and, if so, please send in your own questions so we can get the ball rolling. If the volume is too large we may have to set up a separate web site for the purpose.

Now for another request to readers, the last for this month's newsletter.

During the Second World War the Germans had what was considered an unbreakable cipher machine called ENIGMA. Every letter was encoded differently, using a set of cog wheels. In order to decipher the message it was necessary to know the initial setting of the cog wheels. The British developed what some call the world's first computer, known as the Colossus, to help in the decryption process. No one knew of its existence until many years after the war ended. A few years ago I had my picture taken with Tony Sale in front of the Colossus, following a presentation I made at Bletchley Park, where the code breaking took place. He had been a member of MI6, the British counter intelligence group, and was now in charge of the Museum established in the Park, where they also had an ENIGMA machine. He had rebuilt the Colossus and has challenged anyone with a modern computer to decipher a code faster than the Colossus still could. At that time no challengers had come forth.

Actually I have two requests on this. The first is whether any reader has taken up the challenge or knows of someone who has? The second relates to the procedures used today with our various security methods. The Colossus was highly successful because the Germans were very methodical and predictable. Using their known way of doing things the Colossus could be programmed, with some ingenious thinking, to zero in very quickly on the initial cog settings, which thus enabled them to read the German documents, sometimes even before the intended recipient. It also adds to our concerns about the prevalence today of wireless interceptions.

Today our security systems are just as vulnerable to "people" problems even though the encryption processes have become quite sophisticated. Can any reader suggest possible solutions to the "people" problem? There are hundreds of people involved with passwords, which cannot be too secure, given people's methods of storing them, enabling entry to unauthorised persons who become aware of the password. This is at the lower level. At a more sophisticated level we have the fictional mystery writers who always have someone who can hack in to any computer, unfortunately also fact rather than fiction. What ideas do readers have in order to overcome the "people problem"?

These requests of mine may seem trivial but collectively, given the worldwide span of this newsletter, we may be able to add to the knowledge required to get rid of cyber terrorism.