3 August 2001


Date: Thu, 02 Aug 2001 00:27:03 -0400
To: politech@politechbot.com
From: Declan McCullagh <declan@well.com>
Subject: FC: Why the "Code Red" worm is a red herring, by Wayne Madsen

********

From: WMadsen777@aol.com
Date: Wed, 1 Aug 2001 15:01:06 EDT
Subject: Code Red = Red Herring Update

CODE RED ­ A RED HERRING

Wayne Madsen

30 July 2001

Washington, DC

Here we go again folks. The White House, NSA, and National Infrastructure Protection Center (NIPC) are warning of a dangerous new Internet worm called "Code Red." We've been here before. Just last year, we were all treated to the impending doom caused by a series of "Distributed Denial of Service Attacks" that resulted in a host of web sites going down. Imagine the disruption to the nation's infrastructure caused by someone's failure to auction off their great grandmother's curios on e-Bay.

Conveniently, a few weeks after the dreaded attacks on the dot coms (many of which are now dot gones ­ and it wasn't a result of hackers), President Clinton hosted a cyber-security roundtable at the White House. The gloom and doom sayers pointed out why the nation was on the verge of an "electronic Pearl Harbor." Chief among them was Richard Clarke, the National Security Council's "Dr. Strangelove" of cyber-security.

However, it is not an e-Pearl Harbor we must be concerned about but an e-Reichstag Fire. Back in 1933, Hitler's Propaganda Minister Joseph Goebbels, a pioneer of perception management, hired a bunch of Nazi hooligans to burn down the Reichstag. The next day, while the German Parliament was still smoldering, the Nazis passed the Reichstag Decree, which effectively relegated the German Constitution and all of its civil liberty provisions to the toilet.

But would the United States take advantage of such a situation in cyber-space to advance a secret agenda? They've probably already done so. Back in 1988, the Internet was treated to its first worm. Programmed and launched by Robert Morris, Jr., the worm crippled hundreds of thousands of computers connected to the Internet. It just so happened that young Mr. Morris's dad was the Chief Scientist at NSA ­ during a period when the agency was feverishly trying to test the vulnerabilities of various operating systems and application programs.

But that was then, and Code Red is now. We are told that Code Red only affects web sites relying on Windows NT and Windows 2000. Of course, why would any self-respecting 24-hour cable news network want to show a housewife trying to struggle with a virus-infected home computer operating Windows 95? Better to capture viewers' attention with hordes of computer programmers and managers wrestling with downed web sites at Ford, Xerox, Charles Schwab, and Amazon.com.

And that's the way the government (and apparently Microsoft) wants it. Microsoft, the humbled post-anti trust suit corporate giant, seems to be cozying up with the Feds and their cyber-security agenda as of late. At a recent Interagency Technical Forum at the National Institute of Standards and Technology (NIST), Microsoft's director of Mobile Code Security revealed that Microsoft now maintains a full-time resident office at NSA headquarters with a fully-cleared staff.

Even the term Code Red is a red herring. Just like Distributed Denial of Service attack, it is more out of the Pentagon's lexicon than that of computer crackers. Code Red is just too campy ­ seems like it belongs in the same league with the movies "Deep Impact" and "Armageddon." But Code Red is just the kind of term that might impress our otherwise attention deficit disordered President. Computer crackers, of course, like to be a bit more original and artsy, opting for terms like "Melissa," "Back Orifice," and "Michaelangelo" How many original code names ever came out of NSA? "Echelon," for example. Boring! Now Code Red, that's something that could have been conjured up by the Faulkners of the Fort!

Why the Code Red hoopla? Well, in a few weeks, President Bush (with Dick Cheney looming over his shoulder) will be issuing a new Executive Order on Cyber-Security. He will appoint an inter-agency Cybersecurity and Continuity of Operations Board and his current cyber-security guru Clarke stands a good chance of being selected chairman. If so, Clarke will have transcended three administrations in essentially the same executive branch job ­ a record surpassed only by FBI Director J. Edgar Hoover.  And tomorrow NIPC head Ron Dick gets a jump start on things with a press conference on cyber security at the National Press Club. Hyping Code Red is a sure fire way to ensure the conference is covered by all the talking head networks. And it does not hurt that today, while FBI Director designate Robert Mueller is fielding some questions on what the FBI will do on cyber security during his Senate conformation hearings, Code Red is a backdrop.

Coming on the heels of the G8 Summit in Genoa, Code Red also bolsters one of the items on the agenda of the leaders. It was at the G8 Summit in Lyon in 1996, that the leaders first put cyber crime on their docket, a decision that was ultimately manifested in the Council of Europe's soon-to-be-enacted Cyber Crime Treaty. When enacted, the treaty will enable police agencies to reach beyond borders to seize Internet communications record traffic. The anti-globalization Genoa Social Forum got a taste of what is to come when Italian police stormed their headquarters and seized computer disks and Internet traffic records. This past April, the FBI, acting on behalf of the Canadian police, seized similar records from the Independent Media Center in Seattle after the Summit of the Americas in Quebec. Not to be outdone by his peers, British Prime Minister Tony Blair ­ who resembles Big Brother more and more every day ­ hurried back to London to urge Parliament to pass a bill that would equate computer hacking with terrorism.

Perception Management actually was part and parcel of the agenda of the same coterie of Pentagon brass and Beltway Bandits who dreamt up information warfare in the first place. They knew to be successful, the public would have to be force fed large diets of disinformation and sensationalized news. Ah, Dr. Goebbels would be so proud of them.

So in the meantime, we should all head for hills. Because just like Y2K, our government says our American Way of life is threatened by unknown computer toxins. Time to erect  our Computer Defense Shield.

Fear is the greatest weapon but the truth is the greater defense!

POSTSCRIPT:

Not getting the media bounce from the 8:00 PM EST Code Red meltdown hour on July 31 (nothing happened!), the FBI began spinning the story the very next morning that 22,000 computers had been hit with Code Red. Considering that viruses and worms probably strike many more computers than that on any given day, 22,000 is a relatively low number.

The cyber-security perception management machinery was also put into high gear in the August 1 edtion of The Washington Times. A story by Ben Barber hyped the threat posed by Palestinian computer users who have launched a so-called "cyber-Jihad" against Israeli government and corporate computers. The article states that the U.S. government-funded firms RAND and iDefense are urging the United States to adopt the same cyber defenses as those used in Israel. And the article gives us the potential next phase of the U.S. government's perception management campaign: Palestinian sites will start distributing viruses aimed at the United States -- one Palestinian site is blamed for distributing the Love Bug and Melissa viruses. If one remembers, however, Love Bug originated in the Philippines while Melissa came from Trenton, New Jersey. They are a long way off from Nablus and Ramallah on the West Bank.

Even in pseudo cyber-war, the truth is the greatest casualty!

-------------------------------------------------------------------------

POLITECH -- Declan McCullagh's politics and technology mailing list
You may redistribute this message freely if you include this notice.
To subscribe, visit http://www.politechbot.com/info/subscribe.html
This message is archived at http://www.politechbot.com/

-------------------------------------------------------------------------