Introduction:
In the aftermath of Sept. 11, 2001, as most U.S. intelligence shifted to finding Al Qaeda cells around the world, one group at the White House decided to investigate a new threat -- attacks from cyberspace.
"In the past, you would count the number of bombers and the number of tanks your enemy had. In the case of cyber war, you really can't tell whether the enemy has good weapons until the enemy uses them," says Richard Clarke, former chairman of the White House Critical Infrastructure Protection Board.
In "Cyber War!" Clarke and other insiders talk about a new set of warriors fighting on the new battlefield of cyberspace, and they evaluate just how vulnerable the Internet may be to both virtual and physical attack.
"The thing that keeps me awake at night is [the thought of] a physical attack on a U.S. infrastructure combined with a cyber attack which disrupts the ability of first responders to access 911 systems," says Ron Dick, former head of the FBI's National Infrastructure Protection Center.
The issue of cyber war first began to command urgent White House attention after a distinguished group of scientists wrote an open letter to President Bush in February 2002.
"The critical infrastructure of the United States, including electrical power, finance, telecommunications, health care, transportation, water, defense and the Internet, is highly vulnerable to cyber attack. Fast and resolute mitigating action is needed to avoid national disaster," wrote the authors of the letter, who included J. M. McConnell, a former head of the National Security Agency, Stephen J. Lukasik of the Defense Advanced Research Projects Agency, and Sami Saydjari of the Cyber Defense Agency.
"Ultimately, it turned into about fifty-four scientists and leaders -- former national leaders, intelligence community people as well -- sending this letter that makes the case that says, 'We have a problem here,'" Saydjari tells FRONTLINE.
In "Cyber War!" FRONTLINE investigates a number of cyber attacks that have already occurred in recent years, including "Slammer," which last January took down the Internet in South Korea and affected 911 systems and the banking system in the United States, and the "Nimda" virus that quietly attacked Wall Street in 2001.
FRONTLINE talks to cyber security experts about what these defining wake-up calls reveal about the vulnerabilities of cyberspace. This report also follows efforts by the United States to go on the offensive.
"You cannot defend yourself unless you understand how the offense works. And in so doing, you learn to wage offensives," says John Arquilla, associate professor of defense analysis at the Naval Postgraduate School in Monterey, Calif. Arquilla has helped the Department of Defense develop information warfare strategies utilized in the first Gulf War, Kosovo, Afghanistan, and in the most recent war with Iraq.
But many cyber war experts believe the Internet could be used to launch a major attack on the nation's infrastructure.
"What we found on Al Qaeda computers was that members of Al Qaeda were from outside the United States doing reconnaissance in the United States on our critical infrastructure," says Clarke.
One target, experts say, could be the country's electric power grid. By exploiting vulnerabilities in the supervisory-control and data-acquisition (SCADA) systems that utility companies use to remotely monitor and control their operations, American cities could be left in the dark.
"You could take down significant pieces of it for let's say operationally useful periods of time. Penetrating a SCADA system that's running a Microsoft operating system takes less than two minutes," says a hacker who spoke on the condition of anonymity.
Joe Weiss, a control system engineer and executive consultant for KEMA Inc. reluctantly agrees that the power grid is vulnerable. "A very worst case could be loss of power for six months or more," says Weiss.
This FRONTLINE report also looks at how Clarke, scientists, and some inside the military have tried to convince Washington that cyber security needs to be a priority. They have had limited success.
A few days before FRONTLINE's broadcast, the recently appointed White House cyber security adviser Howard Schmidt announced his resignation, noting that much of his responsibilities have been transferred to the new Homeland Security Department and warning that "cyber security cannot now be reduced to a 'second tier' issue. It is not sufficient to just respond to attacks, but rather proactive measures must also be implemented to reduce vulnerabilities and prevent future attacks."
"I think cyber terrorism is a theoretical possibility," says John Hamre, director of the Center for Strategic and International Studies, a prestigious military think tank. "[But] terrorists are after the shock effect of their actions," Hamre adds. "And it's very hard to see the shock effect when you can't get your ATM machines to give you twenty dollars."
But Clarke -- who as head of counterterrorism for the Clinton and Bush administrations was an early voice warning about Al Qaeda in the middle 1990s -- says cyber attacks are imminent.
"When we have the experts telling us we have a big risk," says Clarke, "wouldn't it be nice, for once, to get ahead of the power curve, solve the problem, so there never is the big disaster?"