• PC World
• »Tech Industry

If history is a guide, any Bush administration plan to remove Saddam Hussein from power in Iraq would likely set off a firestorm of hacker activity targeting U.S. networks and infrastructure. And those attacks could be greater in number and affect a broader cross-section of U.S. businesses than anything seen before, according to intelligence experts.

Surges in cyberattack activity have typically accompanied major international crises during the last several years, including the Arab-Israeli conflict, the war in Kosovo, and the collision of a U.S. spy plane with a Chinese fighter jet over the South China Sea last year.

However, any significant expansion of the U.S.-led war against terrorism, including an invasion of Iraq, could unleash an unprecedented wave of hacker activity, say intelligence and security experts.

Identifying Threats

Eric Shaw, a former psychological profiler at the U.S. Central Intelligence Agency, says he will be watching for increases in activity from specific threat groups.

"Islamic hacking groups have been uniting over the India-Pakistan and Israeli-Palestine [conflicts] and they are traditionally Iraq supporters and anti-U.S. and anti-Israel," says Shaw, who now works as a cybersecurity consultant at Stroz Associates LLC in New York.

A second group includes a mixture of U.S.- and European-based antiwar hackers, says Shaw. "Think about [groups] of young, liberal, elite, Western-educated youth [coming out] against the war. It would be a lot smaller than the Vietnam generation, but could still be potent," he says.

Moreover, a ground war in Iraq could spur other governments in the region to launch sophisticated state-sponsored information warfare campaigns. That's the conclusion of a study published two weeks after the September 11 attacks by the Institute for Security Technology Studies at Dartmouth College.

Striking Back

Ruth David, former director of science and technology at the CIA and now CEO of Analytic Services in Arlington, Virginia, says an orchestrated attack exploiting well-known vulnerabilities could be launched with little regard for precise targeting, and could cause significant disruption and financial loss to the "softest targets," the bulk of which are in the private sector. "Ironically, a serious attack of this type may engender even greater public support for any military action under way and is unlikely to seriously impede our ability to achieve military objectives," says David.

The Bush administration has formally stated that it is the policy of the United States to respond to cyberattacks by any means appropriate, including military action.

"Such an attack could significantly debilitate U.S. and allied information networks," the Dartmouth study concluded. That report was written under the guidance of Michael Vatis, a former director of the U.S. Federal Bureau of Investigation's National Infrastructure Protection Center.

High-Profile Targets

The real change associated with such a widespread cyberconflict is the likely expansion of the types of hacker targets, says John Pescatore, an analyst at Stamford, Connecticut-based Gartner. In addition to government and military networks, a U.S. invasion of Iraq would likely lead to the targeting of news media organizations, says Pescatore.

"Given how media-savvy the Middle East has become, I'd expect to see the large newspaper and television news sites targeted for both propaganda-planting and denial-of-service attacks," he says.

A global cyberconflict is also likely to affect companies that are considered American cultural icons, such as Microsoft, American Airlines, McDonald's and other multinational companies known for their U.S. roots, says Pescatore.

"Since September 11, companies have had to re-examine the various types of crises that can impact them, from bioterrorism to computer terrorism," says Steve Wilson, president of The Wilson Group, a crisis management consulting firm in Columbus, Ohio. "However, it's not just the typical hacker they have to be concerned with now. They can just as easily be a terrorist target as any government installation."