Future wars could be IT-based

HUNTSVILLE, Ala.? A professor from Auburn University has made the case that the United States may face a war in the future in which not a single shot is fired, but yet America loses.

There could be "pre-emptive achievement of military objectives strictly by information warfare techniques," said John "Drew" Hamilton, associate professor of engineering and director of the Information Assurance Laboratory at the university.

Hamilton projected that such a conflict could take place by 2015?the time it would take to infiltrate computer development programs and insert malware into operating systems, applications software, firmware and hardware.

Acquisition trends in the military actually facilitate the possibility of such a scenario, Hamilton added. "You don't expect the military to go to Home Depot to buy a [rocket launcher], but we expect them to go to Staples to buy software," he said.

Software developers have always written back doors into their code, and even secure, partitioned systems such as the Secret IP Router Network have them.

"I learned that when I got e-mail from Joint Forces Command to scan their attachments" for viruses, Hamilton said.

The risk in pushing the use of commercial, off-the-shelf software is compounded by private-sector outsourcing, he said. Microsoft Corp., for instance, has outsourced some programming tasks to China and Russia.

Hamilton said that Dan Wolf, information assurance director of the National Security Agency, told an academic group in June that "DOD agencies have been outsourcing IT services to [Section] 8a firms that are fronts for foreign intelligence agencies."

Nor is the problem limited to the Microsoft environment. Linux, touted by open-source proponents, has its own vulnerabilities. "NSA [National Security Agency] recompiled the kernel so you can't turn off [key] logging, which is good for forensics," figuring out what happened after the fact, Hamilton said.

Finally, the military has not made software a "core competency," according to Hamilton. "Some government agencies have contracted for software code they don't own the rights for."

Hamilton suggested several steps that could be taken to pre-empt and prepare for this kind of warfare, including reverse-engineering software architecture to find weaknesses, identifying sensitive parameters that can be exploited and looking for undocumented functionality.

He also said that the Defense Department should stop funding university research conducted by foreign nationals. Hamilton added that this is not a xenophobic reaction, but a reasonable response to a potential threat.

Patience Wait is a senior writer for Washington Technology's sister publication, Government Computer News.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • POWER TRAINING: How to engage your customers

    Don't miss our Aug. 2 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More


    In our latest Project 38 Podcast, editor Nick Wakeman interviews Tom Romeo, the leader of Maximus Federal about how it has zoomed up the 2019 Top 100. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.