Security Views/Dr. Bill Hancock

theater, grass-roots organizing and graffiti to
cyberspace. Operations include espionage, Web page
defacements, denial-of-service attacks to swamp the
target and virus infections.

advantage of modern Web techniques in regard to
management, reporting and alerting," said Bryan, who
also serves as the vice director of the Defense
Information Systems Agency.

"We're going to start seeing this sort of thing for a
whole range of issues, including animal rights and
other fringe causes," said Anderson, a data security
expert whose resume includes consulting jobs for
the FBI and its counterparts in Britain, Russia,
Germany, Norway, Denmark and Switzerland.
Hacktivists are increasingly focusing on companies
rather than governments, he told a press conference.
Calling it a gray area for law enforcers, Anderson
said in some ways the phenomenon was not unlike
old-fashioned picketing.

One of the main benefits, according to Bryan, is that
the department will be able to collect data on cyberattacks
or attempted attacks, categorize them and better
understand them. "Storing them in a database that
can be shared means we can profile the threats so that
we can see patterns of activity that will allow us to do
a much better job of understanding and describing
what's going on and taking the proper actions to
counter it," Bryan said. "Also, I think a shared database
allows people to do what humans do best, and that is
to share ideas," he said. "The really qualified people in
this computer network warfare business are a fairly
small community of experts, and this database will
provide them a forum and opportunity not only to
share data but to share ideas as well."

The survey listed 12 countries or parts of countries as
representing extreme political and security risks to
multinational companies, up from five in 1997, when
Control Risk introduced its current ratings scale.
Those countries are Afghanistan, Burundi, Chad,
Congo (Brazzaville and Democratic Republic of
Congo), Eritrea, Ethiopia, Liberia, Russia
(Chechnya), Sierra Leone, Somalia, Sri Lanka (north
and north east) and Sudan.

US Department of Defense Prepares Cybercrime Database

The Defense Department is on the verge of
completing a common database to aid the defence
and intelligence communities in battling cybercrime,
according to the new commander of
the Pentagon's Joint Task Force for Computer
Network Defense. The database will enable those
involved in computer emergency response across
DOD, the intelligence agencies and the FBI to share
information critical to protecting their networks
against intruders.
The database is in the final stages of development and
likely will be an operational reality in early 2001,
said Maj. Gen. James Bryan, who commands the JTF-CND.
"Having the ability to create a common
database and to share that database allows us to take

The database is only one of several initiatives the task
force is undertaking to build its arsenal of cyberwarfare
weaponry. Others include developing automated
technologies for monitoring the network, reporting
intrusion events and improving response time.
"We've got to develop more real-time intrusion
detection and ways of reporting without becoming
intrusive ourselves," Bryan said. "We're developing
technology that will allow us to automatically sense
whether our firewalls have the right configuration
within them or whether the anti-virus updates are in
fact up to date."

CIA Chat Room Causes Grief

The CIA is investigating 160 employees and contractors
for exchanging inappropriate E-mail and off-colour
jokes in a secret chat room created within the
agency's classified computer network and hidden from
management. CIA spokesman Bill Harlow said the
willful misuse of computers did not involve the
compromise of any classified information. But the
probe, nearing completion, involves employees at all
levels of the agency, including some senior managers,
and most likely will result in at least a few firings,
agency officials said.

Computers & Security, Vol. 19, No. 8

"The serious thing for us is people willfully misusing
the computer system and trying to hide what they
were trying to do," said one intelligence official. "If
they were doing this with the KGB's computer system,
we'd be giving them medals. Sadly, it was ours."
The House and Senate intelligence committees have
been briefed about the secret chat room, which CIA
investigators discovered while performing routine
security checks, according to Harlow. Investigators
uncovered evidence of long-term misuse involving
multiple violations of CIA computer regulations,
Harlow said. An internal notice sent to all employees
in May said, "This activity has apparently been taking
place for some time and involves the use of unauthorized
chat rooms and data bases in an apparent willful
misuse of the agency's computer networks. Indeed, it
appears that this group went to great lengths to conceal
these actions . . . Any attempts to alter or delete
information on agency computer networks related to
this investigation . . . could amount to a violation of
federal criminal law."
Since then, all 160 employees and contractors who
participated in what officials describe as an invitation-only
communications channel have been interviewed
and given five days to explain their conduct in
writing. Several officials, including members of the
Senior Intelligence Service, a cadre of career officers
at the upper reaches of the civil service system, have
been suspended with pay for the past six months
while senior CIA officials try to determine what
punishment is appropriate.
Robert D. Steele, a former CIA case officer with
extensive ties to the agency, declined to name any of
those involved but described two of the most senior
officials under investigation as innovative,
out-of-the-box, unconventional thinkers; these are
essentially the hackers of the CIA, in the most
positive sense of the word.
One Capitol Hill source who has been briefed on the
probe said it involves some pretty clever people who
know how to use computers creatively. The source
said he thought the employees involved showed
bad judgment and added that CIA officials have
responded appropriately. But one recent CIA retiree
with knowledge of the probe said employees who
face disciplinary action and even dismissal have been
investigated far more aggressively than former CIA
director John M. Deutch, who admitted drafting
top-secret cables on unsecure home computers and was
stripped of his CIA security clearances last year. "Most
of the employees involved are likely to have a letter of
reprimand placed in their personnel file, which will
quash their chances for promotion for at least a year
and may adversely affect future assignment prospects,"
the CIA veteran said.
The former officer said that by giving those under
investigation only five days to respond to the charges
against them, the CIA has effectively denied them
the opportunity to seek legal counsel, because
lawyers typically must wait for months to obtain
security clearances necessary to represent agency
personnel. The former officer also said he doubts whether
employees under investigation really were exchanging
secret communications, because all senior CIA
managers have a software program called Shadow
that enables them to remotely monitor every
keystroke that their employees make. "It seems highly
suspicious that all of those supervisors, not to mention
the numerous component network administrators and
security personnel, were unaware over a period of
years of illicit computer usage by a group of 160
personnel," the former officer said.
A CIA official responded that employees under investigation
were operating beyond the normal reach of
computer systems administrators. "These people were
technically adept, and they went to great lengths to
ensure that their efforts were not known to systems
administrators. There are ways of monitoring things
if you know there is something to be monitored."
In some of the E-mails reviewed by investigators from
the CIA's Center for Security, the official said, those
involved even wrote messages to the effect that, "If
they ever catch us doing this, we'll be fired."
The investigation is only the latest in a series of
incidents involving misuse of computers at the CIA.
Deutch's home computer security violations, discovered
by CIA security officials when Deutch stepped
down as director in December 1996, triggered a
firestorm on Capitol Hill this year after a classified
report by the CIA's inspector general was leaked to
the media. The report concluded that CIA Director
George J. Tenet and other senior officials did not
adequately investigate and punish Deutch's security
violations. The report also concluded that Deutch
exposed highly classified intelligence to hacker attacks
by drafting memos on three unsecure home computers
linked to the Internet.

While many young people spend hours surfing the
Net on tiny, silver i-mode Internet-friendly mobile
telephones, the bulk of the population has yet to
venture into cyberspace and the aim of the bill is to make
the Internet accessible to Japan's 120 million people.
The IT Basic Bill calls on the government to realize
a society that allows vigorous development by making
it easy for all people to use highly advanced
information and communications networks led by the
Internet.

In November 1996, one month before Deutch's
violations were discovered, a CIA senior intelligence
analyst was found to have written a document with
the highest level of classification on his home
computer, which was connected to the Internet. As in
Deutch's case, members of the analyst's family had
access to the computer. The analyst was demoted in
rank and salary, given a letter of reprimand barring
raises for two years, and suspended without pay for a
month. After the suspension, the analyst's clearances
were restored, and he retired from the agency a year
later.

Lower House lawmakers also adopted a resolution
urging more consideration be given to cutting the
sky-high telecoms fees that have long been the
biggest deterrent to Internet use. The bill, which
must now be approved by the Upper House, urges
the revision of regulations blocking the way to the
spread of electronic commerce. It calls for the
promotion of an On Line Government to streamline
the activities of the bureaucracy and smooth the
path for public-private interface. The government
has said there are 733 regulations and 124 laws
obstructing E-commerce.

Another CIA employee alleged in a lawsuit filed
last year by Roy Krieger, an Alexandria lawyer,
that she was disciplined for a major lapse of CIA
security after the CIA sold 25 laptop computers at
public auction while still containing Top Secret
information on their respective hard drives. The
employee's complaint alleged that the security lapse
was not detected until months later, when a private
purchaser reported finding classified files in one of the
computers.

The Internet has been relatively slow to catch on in
Japan, with the high cost of telecommunications fees
a key barrier, and many companies fear the lag is
hampering their ability to compete. Mori, who admits
he never touched a computer keyboard until last June,
wants to create an E-Japan to help the long-stagnant
economy recover.

Japan Creates Cyberconditions for IT National Revolution

Japan moved a step closer recently to Prime Minister
Yoshiro Mori's goal of creating an E-nation when
parliament approved a bill adopting the Information
Technology (IT) revolution as a national goal. The
bill, passed by the powerful Lower House, is a building
block in a push by Japan to leap out of its position
as an Internet laggard and to the global forefront of
information innovation within five years.

Recently, a blue-ribbon panel proposed setting up a
widely accessible, low-cost, high-speed Internet
framework in five years. It called for measures
allowing full-time connections to the Internet at an
extremely low cost for the entire population in the
next year. In a swipe at former state monopoly
Nippon Telegraph and Telephone Corp (NTT), the
panel blamed the high telecommunications fees on
the dominance in the market by one particular firm,
calling for increased competition. NTT still has an
iron grip on Japan's telecommunications market,
owning 90% of the local lines connecting homes and
businesses. The panel's proposals will be submitted as
legislation in the next session of parliament in
January.
