The Web: Hacker turf war raging online

By GENE J. KOPROWSKI, UPI Technology News

A weekly UPI series examining the global telecommunications phenomenon known as the World Wide Web.



CHICAGO, march 17 (UPI) -- A battle for the control of cyberspace by computer criminals -- similar in intensity to a turf war between rival mob families -- is underway on the Internet.

Computer security experts question how prepared the United States is to stop the conflict online, and wonder if nefarious criminal and Islamic terrorist elements are covertly involved in the battle.

Three groups of rival virus writers, including the authors of the famous MyDoom worm, as well as other worms, such as Bagel and Netsky, this month launched simultaneous, competing assaults on PC users around the world, vying for control of computing assets in the home and at the office, experts said.

"A global assault for control of millions of computers is occurring," Steven Sundermeier, vice president of products and services at software developer Central Command Inc., said in a statement to the news media. "This appears to be a war for power and seniority among these authors."


Computer scientists at the Medina, Ohio, firm have analyzed the programming code from the worms, which are designed to take over PCs they infect and turn them into drones controlled by the hackers.

Central Command technicians have discovered the bootleg computer code contains messages, obviously intended to be read by rival programmers, with provocative statements such as "wanna start a war?" Such phrases have been detected in the Bagle worm, version J.

Rival developers of the Netsky worm, version C, proclaim, in text hidden in their code, "we are the skynet -- you can't hide yourself."

Skynet is a reference to the fictional global computer network in the "Terminator" series of films.

This is not mere hooliganism, experts said, because it has potential commercial impact on the U.S. economy and on the government.

"It's a direct attack on the response times of anti-virus companies, a strain on IT professionals, (and) a financial impact on businesses," Sundermeier said.

That is what worries other computer security experts. If this online battle escalates, it could be a national security threat to the United States.

"Honestly, I would call our preparedness for dealing with a coordinated cyber attack mixed," said R. Pierce Reid, a futurist, formerly with General Dynamics Corp.'s armament division in Frederick, Md. "Cyber-warfare includes the obvious viruses and hacking, but in the bigger picture, it would involve other activities that are designed for a larger goal. A cyber-attack itself may not kill people but that is not the goal. It is to terrorize. And it can certainly impact an economy or jobs."


Reid noted the federal government has been preparing to defend against cyber-war through its National Infrastructure Protection Center and its Computer Emergency Response Teams.

"Their job is like being locked in a windowless cabin in the woods and, around the clock, listening to the clawing and scratching of dangerous animals trying to get in," Reid told United Press International.

Last fall, these Internet predators were able to penetrate the government's usually unassailable computer networks. A virus crippled the State Department's electronic system used to check visa applicants for criminal or terrorist connections. The computer system is known by the acronym CLASS, for Consular Lookout and Support System, and it contains records from the FBI, Drug Enforcement Administration and immigration authorities.

Last month, writers of the MyDoom virus knocked down a Web site controlled by SCO Group, a commercial software developer in Lindon, Utah, and attacked a site owned by Microsoft Corp.

"The terrorists' chances of success are pretty good despite the preparedness of our federal agencies," Reid said.

Who has trained these cyber-terrorists, and what their political agenda may be, ultimately remain mysteries. There have been reports in the computer trade press the North Koreans have a military school, called Mirim College, located in the mountainous Hyungsan area of the Korean peninsula, that is dedicated to teaching hacking skills to cadres.


Reports this week in the European press indicated al-Qaida may have plotted the terrorist attacks in Madrid online, as evidenced by a document published on a suspected terrorist Internet site that said the Spanish government would be "forced to withdraw" from Iraq after a series of planned bombings.

Authorities are searching for any clues to which cyber-terrorists are culpable, again by examining their computer code.

"When it comes to information warfare, so much is shrouded in secrecy," Rob Dao, a founder of the U.S. Air Force's Computer Emergency Response Team, told UPI. "Only the bad guys themselves, and senior U.S. government personnel, know for sure what is going on."

A United Kingdom task force called the National Hi-Tech Crime Unit is probing links between extremist groups and virus-writing cooperatives, seeking patterns in source code that may reveal the identity of the authors.

The Pentagon also is involved in the cyber-search and is trying to turn Internet technology against the hackers and terrorists.

This month, the U.S. Northern Command debuted an Internet-browser based system, called the Joint Protection Enterprise Network, that enables intelligence agencies and others to share new anti-terrorism information quickly online.

"It's cheap, off-the-shelf and it works," Air Force Gen. Richard Myers, chairman of the Joint Chiefs of Staff, said of the system during a recent conference in Washington D.C.


Computer experts doubt hackers and terrorists could disable the U.S. government with cyber attacks but fear the private sector could be significantly harmed.

"There was a virus unleashed a few years ago in Asia that caused $4 billion in damage," said Allen Shay, president and chief executive officer of NCR Government Systems Corp. in Rockville, Md., a database developer. "What could happen, on a grander scale, is much more nefarious. Significant damage could be achieved. It's clearly a viable way to attack our economy."

Shay said clients of his company, a $1.5 billion sales division of NCR, including Wal-Mart, SBC, Federal Express and others, have developed and deployed back-up computer systems to deal with a cyber-disaster.

"They're building redundant systems," he told UPI.

Some experts doubt, however, that al-Qaida or other Islamic extremist groups are solely to blame. By their reasoning, some cyber-crime is coming from unethical businesses that seek to spy on or sabotage competitors.

"It's definitely naive to think that today the virus writers are simply limited to a bunch a kids with too much time on their hands," said Randy Kahn, author of the new book, "Information Nation" (AIIM Press, 2004).

"It's about big business," he told UPI, "getting a competitive advantage in any pursuit. Our enemies, whoever they are, are doing whatever they can to undermine us."



Gene Koprowski covers telecommunications issues for UPI Science News. E-mail

Latest Headlines


Follow Us