NATO online - worms, wars and ethical hackers

NATO online - worms, wars and ethical hackers

27th May 2008, Comments 0 comments

At the centre in Belgium tasked with protecting NATO's own computer and communications systems, Ben Nimmo discovers a mix of military sobriety and nerdy humour.

For a room capable of jumping to action stations at the touch of a button, NATO's top cyber-defence centre has remarkably comfortable seats.

In a windowless room behind heavy steel doors, Star Trek-style swivel chairs face batteries of computers. Behind them, a wall-to-wall array of flat screens shows complex technical charts and an enormous world map studded with flashing icons.

Next to it, a screen shows the time in locations around the world.

But rather than covering superpower cities such as Tokyo and New York, it tells the time in places like Baghdad, Kabul and Kosovo - the current location of over 60,000 NATO front-line troops.

The room lies in the heart of SHAPE, NATO's Supreme Headquarters of the Allied Powers in Europe, and its job is, quite simply, to make sure that NATO's computers and communications systems keep working no matter what hackers, geeks and hostile governments throw at it.

"We are the technical and operational lead for cyber-defence in NATO. Our job is to provide 24/7 information assurance," Major Eulys Shell of the US Army, the officer commanding NATO's Computer Incident Response Capability's Technical Centre, or NITC, said during a rare visit of the media, including Deutsche Presse-Agentur dpa.

The room is a striking mix of military sobriety and nerdy humour. Most of the staff wear army uniforms, and all of them stare at the scrolling displays of incoming threats with total concentration, oblivious to the journalists leaning over their shoulders.

But on the wall an enormous photo of a crocodile swallowing a computer memory stick hangs above the slogan, "Keep an eye on your USB stick before someone else snaps it up."

And there are knowing grins and chuckles when a daring journalist asks, "How many of the staff here used to be hackers?"

"You could say they're ethical hackers: they're trained in the skills of hackers, but they don't necessarily carry out their functions," one officer replies carefully.

Indeed, far from being bent on messing up a laptop near you, the centre's 91 military and 27 civilian staff are tasked with protecting NATO's own systems from attacks from outside.

Most of the "incidents" they deal with are routine: 80 per cent of the emails reaching NATO servers are spam, and one memorable recent attack was aimed at sending out Viagra adverts under the NATO banner.

Another key task is to talk with NATO governments and the computer industry to identify what new threats might be "out there", in the world of worms, viruses and Trojans, Shell says.

Such attacks "could be a hacker doing it for fun, they could be state-sponsored, they could come from industry," Shell says.

But their most important job is to fight off targeted attacks designed specifically to cripple NATO's computer systems. Information on such attacks is classified, but they do happen, he says.

Indeed, the most notorious cyber-raid on a NATO member was anything but classified. In April 2007, pro-Russian hackers launched a massive attack against Estonian state and bank computers in protest at Estonia's decision to relocate a Soviet war memorial.

The attack was "not particularly refined or original, but it was particularly massive," and Estonia fought it off because of excellent cooperation between the authorities and internet providers, says Chris Evis, civilian head of the incident-management section.

But it rang warning bells around the globe, with Evis saying that "I'm not sure that there would have been that level of cooperation if it happened somewhere as big as the US."

On May 14, six NATO members signed a deal with Estonia establishing Tallinn's cyber-defence centre as NATO's top training base for the next generation of cyber-warriors.

That move came just weeks after NATO leaders approved the idea of a joint cyber-defence policy covering the entire alliance.

While NITC's manpower is 91 military staff and 27 civilians, it is set to go up to around 200 within the next year, Shell said.

And with computer systems, and efforts to disrupt them, becoming more complex by the day, the men and women in the Star Trek chairs look set to line up alongside NATO's tanks for a long time to come.

(DPA - Expatica May 2008) 

0 Comments To This Article