Pentagon Initiates 'DEF-CON'-style Warnings for Computer Threats
By Barbara Starr
<<...OLE_Obj...>>
W A S H I N G T O N, May 23 - Following the "Love Bug" computer virus
earlier this month, the Pentagon has now decided to post warnings when it is
under an information warfare attack - much as it would if there was a more
traditional military or terrorist threat.
Throughout the Cold War, for example, the military posted "defense
conditions," more commonly referred to as "Def-Cons," which spelled out the
state of military alert. "Def-Con Normal" indicated there was no unusual
activity. If tensions rose, then troops would be placed on a rising scale of
alert status such as "Def-Con Alpha," "Bravo," "Charlie," and "Delta."
In recent years, there has also been posting of similar "Threat-Cons,"
indicating an alert for a possible terrorist attack. As "threat-cons"
escalate, commanders then take increased security steps, such as checking
all cars entering a base, or in an extreme instance shutting a base down to
outsiders.
'Information Conditions'
Now, the military will post "Info-Cons" or "information conditions"
indicating the level of alert for a possible computer attack. The "Info-Con"
warnings will be decided at the U.S. Space Command, in Colorado Springs,
Colo., which has responsibility for the military's Joint Task Force on
Computer Network Defense.
The concept for posting military "Information Conditions" was actually
decided on before the Love Bug attack during an information warfare training
exercise earlier this year. But when the Love Bug hit, military officials
decided to move ahead with their plans more rapidly.
The reason was that the Love Bug virus was so much more virulent and
widespread than anything the military had seen before. When it swept across
military computer networks around the world, individual administrators, or
military commanders, all took their own actions on dealing with the problem.
Some installations shut down e-mail for days, causing massive disruptions
throughout the network.
As a result, military computer experts decided they needed to have a central
coordinating mechanism for telling installations about threats, and
recommending specific network-wide actions so that solutions can be
coordinated.
Individual Problems
This admittedly is a different approach from terrorist warnings, notes one
military official. In the case of "threat conditions," specific response
actions are left up to local commanders on the belief that they know best
how to deal with their installations. But the Love Bug showed that
individual actions can cause cascading problems around the system.
Now, in the event of another major information warfare attack, an "info-con"
will be posted and commanders ordered to take a variety of actions to defend
the integrity of their networks. Actions could range from rejecting e-mails
from unknown addresses all the way to shutting down networks.
The need to come up with "information condition" warnings after the Love Bug
was further underscored because that virus was the first to penetrate
classified computer systems. Officials now believe the four "infections" of
classified computers were possibly the result of classified addresses being
listed in unclassified address books and firewalls being breached.
Officials at Space Command hope to have the final details defining
"information condition" warning levels established in the next few weeks.
A recent General Accounting Office report reviewing the impact of the Love
Bug on the entire federal government noted the severe impact on the Defense
Department. The department expended what GAO called "enormous efforts" at
containing and then recovering from Love Bug. Military personnel from across
the department were pulled in from their primary responsibilities. If the
attack had gone on further, the department would have had to call in
reservists to help, according to the report. Some DoD computers required a
complete reloading of their software packages.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|