Can Microsoft Survive
An Electronic Pearl Harbor?
My career in the computer industry started 1978 and I've spent that last 12 years of that in the Silicon Valley, where I currently specialize in networking technologies.
For those of you in the general public, that means I work in that area of the Internet that is that big black hole on the other side of your computer
modem, that seems to work mysteriously well most of the time.
This is why I've written this article for members of the general public with a very basic understanding of computers. It is my hope for this article to
convey to those concerned about an "electronic Pearl Harbor,"the often-discussed concerns of network professionals like myself about the possible consequences of an all-out CyberWar.
Please note that products mentioned in this document are trademarks or registered trademarks of their respective holders.
Richard Clarke, President Clinton's national coordinator for security, infrastructure protection and counter-terrorism coined the term "electronic
Pearl Harbor," to describe a catastrophic surprise attack on America's information systems. But it would only be the first strike, and on its heels will
come a deadly CyberWar that will cripple our economy and paralyze our ability to function as a modern society. This is because the spearhead of
the first attack will be directed against America's soft digital underbelly, the Windows operating system; a legacy-plagued modern day electronic version of the Maginot Line.
This threat was recognized years ago, only now is an American President doing something about it. Yet, no matter how aggressive Bush's attempts
are to shore up our digital defenses, history has shown us that an electronic Maginot Line cannot protect us, because our adversaries as most likely infecting our computer systems at this very moment.
The experts are warning us at every chance, but ever since the Y-2 bug scare fizzled, it is difficult for their warnings to be heard above the public's apathy.
Insight Magazine, May 2001
Preparing for The Next Pearl Harbor Attack
America's miraculous digital revolution, automatic teller machines and wireless phones, personal computers and pagers, and the electronic systems that carry news, airline schedules, stock
trades and business inventories have transformed the way people live. Nevertheless, the entire network, which bureaucrats call "the critical infrastructure," is a massive electronic Achilles'
heel, security specialists warn.
nternational terrorists and rogue regimes are savoring the prospect of striking hard at the United States, according to U.S. intelligence agencies. During his recent tour of the Middle
East, Cuban dictator Fidel Castro remarked to his Iranian hosts that the United States was plagued with vulnerabilities that smaller countries could exploit. He didn't elaborate in public,
but his message was clear: The time is coming when the rogues of the world will be able to take down Uncle Sam.
After years of dithering under Clinton, say defense specialists, the Bush White House is taking the matter seriously. Virtually every vital service: water supplies, transportation, energy,
banking and finance, telecommunications, public health all of these rely on computer and fiber-optic lines, the switches and routers that come from them, notes National Security Adviser
Condoleeza Rice. These are vulnerable. In the short time since his inauguration in January, Bush has instructed government offices to coordinate for homeland security and defense, and
assigned Vice President Richard Cheney to head a group to draft a national terrorism-response plan by October 1.
Intelligence is the lifeblood of war. During WWII, the Allies were able to break the Enigma code used by the Nazis to great effect, as well as those
used by the Japanese. The advantage for the Allies was simple. It is easier to win a poker game when opponent is unknowingly playing his cards face
up on the table. In the wake of an electronic Pearl Harbor, we could find ourselves in the reverse of that very same situation and this will be one war we cannot afford to lose.
Why We Need To Be Concerned
Americans usually tend to think of computer security in terms of their credit card transactions over the Internet, and the passwords they use at the office
to logon to the company network. We assume that the whole security issue is being handled, and that we can go about our lives in relative safety.
We also tend to view computer security as being primarily a commercial issue, with national defense being a secondary issue. Consequently, when
most Americans think of a CyberWar, they tend to think in terms of waiting in line for gas, or burning candles until the power comes back on.
However, what they seldom if ever think about is the widespread starvation that will most like come in the wake of an electronic Pearl Harbor.
Why We'll Starve to Death In a CyberWar
The next time you go to the grocery market, watch closely as the clerk runs your purchases across the scanner. This way, should you and your family
starve to death as the result of a CyberWar, you'll know what the culprit looks like. To illustrate the point, let's use a box of breakfast cereal.
Shelf space in grocery stores is a premium item, and once a particular brand of cereal has achieved a favorable shelf location, maintaining that
shelf position becomes an imperative for the manufacturer of the cereal and its various downstream suppliers. The overriding goal is to keep that cereal on the shelf at all times.
In the days before computer automation, the cereal manufacturer had to supply a jobber, who in turn supplied regional distributors, who in turn
supplied local distributors, who in turn supplied the grocer from whom you purchased your cereal.
However, manual human systems are inefficient, and prone to shipping and production delays. Therefore, to offset the inherent inefficiencies of manual
human systems required a 90-day supply of the cereal that was staged throughout various points in the distribution network. This excess inventory
was essential to keeping the product on the shelf, but the carrying costs of this inventory were substantial.
That was, until computer automated supply chain management came along, which brings us back to the scanner in your local supermarket.
Today, when you take a take your box of cereal to the counter for checkout, it is scanned and a notice is sent from the computer in the cash register to
the main back office computer in the grocery store that you've just bought a box of cereal.
Before you've put the grocery sack with your box of cereal into the trunk of your car, the grocery store computer had talked with the grocery chain
computer, which then talks with the distributor computer. The distributor computer then talks with the jobber computer, which then finally lets the
manufacture know that you've just bought a box of their cereal and that they will need to replace that inventory.
By the time you've made it home and are stacking that box of cereal on the shelf, an automated purchase order has been placed with the manufacturer
to replace the box of cereal you just purchased from the your local grocery store. Depending on the systems used, this process can go a faster or slower, but either way you should get the idea.
Now here is the point. In the days before computer automation, there was always a 90-day supply of food in the distribution chain at any one time,
because of the inherent inefficiencies of human systems. Today, computers do all the same work, following all the same rules, but at the speed of light.
Consequently, the 90-day supply of food of the past has now become the 90-hour supply of the present.
In case of a CyberWar, the damage could be truly catastrophic because the nation's railroad system is every bit as automated as its grocery stores.
Over the years, manual rail switches have been removed in favor of centralized computer system that now controls a nationwide grid of electronically activated rail switches.
What this means in terms of an electronic Pearl Harbor, is that much of the 90-hour supply of food presently in the supply chain will most likely rot on
abandoned rail sidings while railroad employees work frantically to bring their system back online. In the meantime, we will have to fall back on
trucks; but then again, we could be in for another nasty surprise.
During California's latest rolling blackouts, critical oil refineries were taken offline and the interruption of their refining processes was dramatic,
because it can take days and even weeks to bring a refinery back online after such an event.
What this means in terms of an electronic Pearl Harbor is that power outages would shut down oil refineries, which in turn would sharply curtail the
supply of diesel fuel for trucks and railroad engines. The result is that we'll see a rash of fuel theft complaints as people quietly scurry about in the night
with siphon hoses and gas cans, in search of unattended vehicles.
We are so used to the ease with which we receive the benefits of our technology we simply assume that it will always work this way. But the truth
is that societies with a high degree of technological sophistication as more vulnerable than they may think, or wish to think.
Yet we choose to ignore this truth with self-blinding misconceptions, and the most critical of the lot is that CyberWar is not a game. CyberWar is war in
the full meaning of the word, and includes all the death and human suffering that attends war!
A Colossal Misconception From The Past
Computer security is a matter of war, not commerce. To think otherwise is a true misconception. For example, in the 1930s, the citizens of France
shared a similar misconception about their own safety. It was called the Maginot Line.
The Maginot Line was named after its principal creator, André Maginot, who
was France's minister of war in 1929-31. Constructed in the 1930s, it stood as a fixed defensive barrier. It was approximately 200 miles long, and stretched from Switzerland to the
vicinity of the Belgian frontier near Montmédy.
At the outset of WWII, the Nazis deployed a small force against the Maginot Line to keep the defenders preoccupied, while it flanked the elaborate
fortification with a brilliant flanking maneuver. The result was a collapse of the French army. Shocked with disbelief that their mighty fortress has been
such a colossal defense failure, France fell despite the fact that Allied forces in France at the time of the invasion greatly outnumbered the Germans.
Before moving on, tuck the words "Germans," and "Maginot Line" in your memory banks. We'll come back around them in the context of current events, and you'll be surprised at what you learn.