with which to launch cyber-attacks.25 Modern technology has made the tools of IW cheap, readily available, and easily obtainable.26 Little specialized equipment is needed. The basic attack tools consist of a laptop, modem, telephone, and software – the same instruments commonly used by hackers, and by many modern professionals for that matter.27 Interpol has estimated that there are as many as 30,000 websites that provided automated hacking tools and software downloads. In 2000, a total of 22,144 attacks were detected on Defense Department networks, up from 5,844 in 1998.28 Worldwide aggregate damage from these attacks is now measured in billions of U.S. dollars annually.29 Problems of protecting the information technology infrastructure in many Western states are compounded by the fact that much of it is owned by the private sector such that the government can generally play a limited role. Consequently IW has great potential for the proliferation of asymmetric warfare.30
25 President’s Commission on Critical Infrastructure Protection, Critical Foundations: Protecting America’s Infrastructure A-48, 49 (Oct. 1997).
26 The following is a list of common IW weapons: Sniffer – executed from a remote site by an intruder that would allow the intruder to retrieve user IDs and passwords or other information; Trojan Horse – remotely installed into the controlling switching centers of the Public Switched Network; Trap Door – a program used to gain unauthorized access into secured systems; Logic bomb – lies dormant until a trigger condition causes it to activate and destroy the host computer’s files. It can be hidden within a Trojan horse; Video-morphing – makes broadcasts indistinguishable from normal transborder data flows (a potential violation of the perfidy doctrine); Denial of service attack – prevents networks from exchanging data; Computer worm or virus – travels from computer to computer across a hospitals network, damaging files; Infoblockade - blocks all electronic information from entering or leaving a state’s borders; Spamming – floods military email communications systems preventing field communications; IP spoofing – fabricates messages whereby an enemy masquerades as an authorized command authority. Joyner, supra note 15.
27 Joyner, supra note 15.
28 Hacking of Pentagon Persists, Washington Post, Aug. 9, 2000.
29 A Proposal for an International Convention on Cyber Crime and Terrorism, Stanford University, Aug. 2000.
30 The widespread private ownership of critical IT infrastructure is more common in the U.S. than in Europe, potentially leaving the U.S. even more vulnerable to a cyber attack. See generally Robert Millward, Private and Public Enterprise in Europe: Energy, Telecommunications and Transport, 1830–1990 (1992) (examining the role that private and public enterprise have played in the construction and operation of the railways, electricity, gas and water supply, tramways, coal, oil and natural gas industries, telegraph, telephone, computer networks and other modern telecommunications in Europe in the nineteenth and twentieth centuries.).