From: winn@Infowar.Com
Date: Mon, 10 Jun 1996 09:10:27 +0800
To: rgellman@cais.cais.com
Subject: No Subject
Message-ID: <199606091954.PAA25299@mailhost.IntNet.net>
MIME-Version: 1.0
Content-Type: text/plain



Class III InfoWar              Part 2                 Report from Europe

FEEL FREE TO DISTRIBUTE WIDELY


I am ostensibly  on vacation with my wife and two children ages 11 & 5 :

Here we are in Venice, Italy  but I can't ignore what seems to be going on in 
England. American media does not appear to be  following it.  So  here 's  what 
is happening.

Headline of  June 9, 1996  Sunday  Times in London reads:

"Secret Inquiry into Cyber Terror."

This is a follow-up of last Sundays story about alleged extortion attacks 
against British financial institutions using Trojan Horses and /or HERF Guns.

According to today's article, the British government  is holding  secret 
investigations into the "attacks" for more than two years involving the Dept. of 
Trade and Industry  (DTI), government communications headquarters (GCHQ),  the 
Brits NSA, The Defence Research Agency (DRA), and the Bank of England.

On June 8, the DTI issued a public statement which included : "We are very 
interested in the allegations of extortion directed at City of London 
institutions which were brought to our attention in 1994.  We responded then by 
involving many government organizations ... so far we have not been presented 
with any hard evidence from victims.  We would urge those threatened to come 
forward."

DTI Director of Technical Affairs, David Hendon wrote a letter in May 1995 
saying they took the extortion issue "Extremely seriously."  The Times' 
reporter's say they have seen some of the evidence that was submitted to DTI and 
GCHQ which includes  a chart on 46 of the attacks. According to the article DRA 
Senior  Director,  Professor David Parks, his agency is  " especially interested 
in the "weaponry" deployed by the cyber terrorists."

The Tmes continued  : "The agency (DRA) believes high intensity radio frequency 
"HIRF" guns may have been used to black out trading positions in City finance 
houses. The weapon disables a computer by firing elctromagnetic radiation at it 
and is  a "Black Programme" at the Defence Ministry, one of the highest security 
classification levels."

In Dec. Of 1995, the DRA and Parks approached a company who specializes in 
information warfare and asked them to "arrange a demonstration of a portable 
HIRF weapon in Germany."

The article further states that details on the HIRF systems and their use in the 
City of London have been compiled by a British computer magazine and are being 
passed onto government officials.

*****

I have spoken to more than fifty media in the last week about this story: The 
comments range from "suspicious" of the British reports, "sounds psy -fi", 
"alarming", "scary" and the like.  Even though I am on vacation (Ha!)  I called 
a few of my expert friends for a sanity check and here is what we have to  say.

* The alleged software attacks mentioned in last weeks article are more likely 
the weapon than HERF/HIRF attacks that todays' article focuses  on.  
 
* "Given the kind of systems they use and their connectivity, I can figure a 
hundred ways to do what the article say" one of my experts stated.
 
* As for the HERF/HIRF  we have worked out a number of models for a number for  
the attacks scenarios mentioned, but we have a targeting problem. A free-space  
(air) based attacked would create a wide dispersion pattern and likely have 
effected other organizations  not just those specifically under attack.

* A ground plane attack might cause the alleged results but requires more 
physical access to the facility.
 
 A few thoughts of the potential motivations:  
 
* Were the alleged attacks meant as a malicious Denial of Service (DNS)  attack 
or as a profit scheme?
* Were trading volumes and the stock prices of the alleged victims effected 
during the times in question?
* Was internal profit taking an ulterior motive ?
* I have to keep in mind if we give these stories credence, that over 50% of 
computer crimes involve insiders.

According to my British friends, the Sunday Times is preparing even more on this 
story which will appear next Sunday -  when I will be in London to get it back 
to you within minutes.

So, the kids are fine.
"Thanks for asking."
My life is almost relaxed, and we are now headed into the Alps for a leisurely 8 
hr drive and will spend the night at the Jungfrau. 
"Damn, it's raining.  It will have to be beer and sauerkraut."

In the meantime, contact betty@infowar.com  at  Interpact for comments and 
interviews.

Back at your later!

Winn Schwartau




Peace
Winn

		        Winn Schwartau - Interpact, Inc.
		        Information Warfare and InfoSec
		       V: 813.393.6600 / F: 813.393.6361
			    Winn@InfoWar.Com