An Army of One

Let me tell you a story about a man named Gary:
Gary McKinnon, 39, is accused of accessing 97 US government computers, causing damage estimated at $700,000 (£370,000).

An extradition hearing at Bow Street magistrates’ court was told that McKinnon, of Wood Green, north London, deleted files that shut down more than 2,000 computers in the US army’s military district of Washington for 24 hours “significantly disrupting governmental function”.

It was claimed he left a note on an army computer in 2002 saying US foreign policy was “akin to government-sponsored terrorism”. The note allegedly said: “It was not a mistake that there was a huge security stand down on September 11 last year. I am Solo. I will continue to disrupt at the highest levels.”

McKinnon is accused of 20 counts relating to the American army, navy and air force, Nasa and the Department of Defence.

One allegation is that he deleted files and logs from computers at the US Naval Weapons Station Earle at a critical time after the Twin Towers attacks, rendering the base’s network of 300 computers inoperable.

Mark Summers, for the American government, said: “The defendant was acting from his own computer in London. He effectively owned those computers by virtue of the software he had transmitted. His conduct was intentional and calculated to influence and affect the US government by intimidation and coercion.”

It is also alleged that McKinnon obtained secret passwords or information which might become “indirectly useful to an enemy”, and interfered with maritime navigation facilities in New Jersey.

Via Pejmanesque

Didn’t Gary have something better to do with his time? Imagine the intelligence and skill this man possesses that could have been used to do something useful and good. But he did think he was doing something useful and good. American foreign policy was “akin to government-sponsored terrorism,” so he really thought he was doing good by attacking the US. This idea isn’t original to Gary, it’s the kind of thing we have heard again and again: the US is the #1 rogue state, America is a greater threat to world peace than al Qaeda or Saddam and so on. It was only a matter of time before someone who actually bought into this idiocy decided to act on it. Is it possible to defend yourself against this kind of solo actor?  We have to assume that there are many more people who not only share Gary’s views, but are willing to take the next step and act on those ideas. They are not organized, but rather complete solo actors who are operating without any knowledge of others doing the same thing. This time it was a computer attack, who knows what it will be next time.

Posted by Phil

4 thoughts on “An Army of One”

  1. Phil,

    Your post shows how a 5GW can be high-tech and conducted by a small amount of indivdiuals on the cheap. Like a destructive virus, Gary made his existence known. Wise viri are those that hide inside their host, becoming indistinguishable from him (think of the ultra-successful European varient of smallpox that seems to have infected 100% of the European population by 1492. Of course, it wasn't so invisible once it jumped to hosts to the Indians…)

    This also raises the question of whether it is wise to provoke “stupid” enemies. Gary, while technically competent, is little more than a nuisance. But I would rather Gary find the flaws, and have them quickly fixed by the Navy, rather than have “wiser” al Qaeda technicians see the same flaws, and silently infect through them!

  2. Yes, Gary caused some trouble which I suppose in the big picture is little more than a techno-speed bump. Gary's choice of actions followed from his pre-existing skillset. But let's say you had someone, maybe a woman with HIV who held the same views as Gary and chose to attack by seducing American diplomats and soldiers. This would be a more deadly attack, but would still not really effect our policies or political views. Now if she had done this for a few years and then came out in public and admitted it saying she did it for political purposes then it might have a psychological impact.

  3. Phil,

    Yes, a wonderful brainstorming post. One can imagine tieing these two tactics together — high-tech subversion of a government net to further low-tech passive biological warfare (say, altering flags and statistical data about the safety of certain GI entertainment locations in ROK, even Germany, etc…)

  4. Yes, new capabilities bring with them new vulnerabilities.

    The United States has an extremely powerful military. That military depends on a huge and very soft underbelly composed of networks and infrastructure that are poorly defended. Not only that, but the new technologies required to run such a military contain vulnerabilities that haven't been considered yet, much less defended.

  5. Jeremiah,

    What you say here is very important:

    “new technologies required to run such a military contain vulnerabilities that haven't been considered yet, much less defended.”

    New technologies bring with their own unique vulnerabilities. And while you can identify some of those, the reality is that there are many that your adversary will discover before you do. But even if you knew of all the vulnerabilities it still would not be possible to defend everywhere, no military has enough resources to adequately defend every weak point.

  6. Phil,

    Agreed, and that is why much of the push for high-tech warfare is dangerous.

    Militaries don't win by reinforcing their weak points – that's rewarding failure. Militaries win by attacking their enemy's weak points.

    However, by relying on high-tech networks you create a single point of failure (the network) that absoultely must be protected.

Leave a Reply

Your email address will not be published. Required fields are marked *