Cybercrime, cyberterrorism, cyberwarfare.

U.S. Sets Cybersecurity Plan-The White House has scaled back its strategy for preventing online attacks.-By Brian Krebs-washingtonpost.com Staff Writer-Friday, February 14, 2003; 6:22 PM-The Bush administration today quietly released a scaled-back cybersecurity strategy outlining steps government, industry and citizens should take to protect computer systems from online attacks. The strategy, which President Bush signed on Jan. 31, has been in development since shortly after the Sept. 11, 2001, terrorist attacks. Unlike earlier drafts that asked the private sector to take concrete steps to protect their systems, the majority of the final document directs the government to lead by example by tightening the security of federal information systems.

Bush Orders Guidelines for Cyber-Warfare-Rules for Attacking Enemy Computers Prepared as U.S. Weighs Iraq Options -By Bradley Graham-Washington Post Staff Writer-Friday, February 7, 2003; Page A01-President Bush has signed a secret directive ordering the government to develop, for the first time, national-level guidance for determining when and how the United States would launch cyber-attacks against enemy computer networks, according to administration officials.

Bush Approves Cybersecurity Strategy--By Brian Krebs-washingtonpost.com Staff Writer-Friday, January 31, 2003; 1:03 PM-President Bush has approved the White House's long-awaited national cybersecurity strategy, a landmark document intended to guide government and industry efforts to protect the nation's most critical information systems from cyberattack.
In an e-mail sent Thursday to White House officials, cybersecurity adviser Richard Clarke said that the National Strategy to Secure Cyberspace has received Bush's signature and will be released to the public in the next few weeks. The strategy has been in development since shortly after the Sept. 11, 2001, terrorist attacks.

"National Strategy to Secure Cyberspace - For Comment," President's Critical Infrastructure Protection Board, September 2002.
*電力や交通などの様々な分野においても、情報通信網を守るための戦略計画をたてています。これらの計画内容と、その計画を分析したPCIS(Partnership for Critical Infrastructure Security)の概説は、以下のサイトからアクセスできます。
Banking and Finance, Chemicals, Electric Power, Higher Education, Information Technology & Telecommunications, Insurance, Oil and Gas, State and Local Governments/Law Enforcement, Transportation (Rail), Water Systems

2002年10月10日に米下院議会の科学委員会でサイバーセキュリティに関する公聴会における証言の状況 : Full Committee Hearing on Cyber Security ? How Can We Protect American Computer Networks From Attack? 
公聴会概要:"On Wednesday, October 10, 2001 at 10:00 a.m. the House Committee on Science will hold a hearing to examine the vulnerability of our nation's computer infrastructure as well as research-related challenges and opportunities facing the nation’s computer networks. Testifying before the committee will be witnesses representing industry, academic, government and non-profit organizations.  Witnesses will comment on gaps in research and education in the computer security field.  Since most of the information infrastructure in the United States is owned and controlled by the private sector, witnesses will also comment on ways to encourage collaborative approaches to shoring up our ability to predict, prevent, and mitigate attacks."

上記の公聴会で言及された1998年の大統領決定指示 第63号(Presidential Dicision Directive No.63)についてのレポート : Critical Infrastructures: Background and Early Implementation of PDD-63. June 19, 2001. (PDF27ページ)
PDD 63についての説明: On May 22, 1998, President Clinton issued Presidential Decision Directive 63 (PDD-63), which called for a national effort to assure the security of the increasingly vulnerable and interconnected infrastructure of the United States, especially cyber-based infrastructure.  These infrastructures include telecommunications, banking and finance, energy, transportation, water systems, and essential government services.  The directive required the federal government to immediately assess the vulnerabilities of the nation’s computer-based systems and remedy deficiencies, and to produce a detailed plan to protect critical infrastructures and defend against information warfare. It ordered the federal government to serve as a model to the rest of the country for how infrastructure protection is to be attained, and called for joint public-private action to protect critical infrastructures.  The directive set 2003 as the target date for full implementation of a “reliable, interconnected, and secure information infrastructure.”

「大量破壊兵器および先端通常兵器の技術拡散」(2001年1月〜6月):米中央情報局(CIA)が半年ごとに議会に送る報告(1・30)によると、核・化学物質や細菌に関する情報や技術がインターネット上で以前よりも入手しやすくなっており、テロリストが核・化学物質や細菌を使う恐れが一段と増している、扱いが簡単な食品や水道水を汚染させる化学物質に関心を持っており、安価に広範囲の一般市民をパニックに陥らせることに手を染め始めている、等と警告している。このフルテキストは次のURLでご覧になれます。:Unclassified Report to Congress on the Acquisition of Technology Relatingto Weapons of Mass Destruction and Advanced Conventional Munitions, 1 January Through 30 June 2001

量子コンピューター実用化へ一歩 米IBMなど-CNN-2001.12.22 -Web posted at: 9:05 AM JST (0005 GMT)

国家インフラストラクチャー保護センター(National Infrastructure Protection Center)から、サイバーアタックについてのレポートの全文が以下のサイトでご覧になれます。2001年10月31日
Cyber Protests: The Threat to the U.S. Information Infrastructureー(PDF 6ページ)

レポートの概要 : Cyber protests and Internet sabotage are likely to increase as political dissenters become more attuned to the potential of the Internet, according to the National Infrastructure Protection Center (NIPC), a key U.S. government agency monitoring potential threats to communications, energy, finance, and water systems. The prediction is included in a report released in October 2001 entitled "Cyber Protests: The Threat to the U.S. Information Infrastructure." Losses and damages caused by cyber attacks have been limited, according to the report, but electronic sabotage has become a frequently used tool of dissenters. Some of the significant episodes cited in the report:

-- Computer-savvy Chinese hacked U.S. government sites after China's embassy in Belgrade was accidentally hit during the NATO air campaign against Yugoslavia.

-- Israeli and Palestinian hackers launched mutual cyber attacks in October 2000 when peace talks broke down.

-- Pakistanis hacked Indian sites in connection with the ongoing dispute over Kashmir.

-- Koreans sabotaged Japanese sites earlier this year to protest a Japanese history textbook's treatment of atrocities committed by the Japanese army in World War II.

ネット戦争についての本(9月11日のテロに関する項目も含む)がランド研究所から発表されました。全文と要約は次のサイトからご覧になれます。: Networks and Netwars:The Future of Terror, Crime, and Military:by John Arquilla, David Ronfeldt (editors);定価25ドル、(Paperback, 375pp)
要 約(30頁?) : 

「国際法におけるサイバー戦の位置付け」−岩本 誠吾-鈴鹿国際大学国際学部教授:防衛法学会編「防衛法研究」第25号(2001年10月1日刊;65頁〜82頁)

 10月9日、ライス(Condoleezza Rice)国家安全保障担当大統領補佐官と昨日就任したばかりのリッジ(Thomas Ridge)国土安全保障局長は、ホワイトハウスの大統領府内に更なる2つのテロ対策のポジションを新設した。
 1つは、「テロ対策担当大統領顧問」(National Director & Deputy NationalSecurity Advisor for Combating Terrorism)でウエイン・ダウニング元陸軍大将(General Wayne Downing)を任命、2つめは「サイバー空間安全保障担当特別補佐官」(Special Advisor to the President for Cyberspace Security)で元政治・軍事担当国務次官補のリチャード・クラーク(Richard Clarke)が任命された。
@ ライス大統領補佐官とリッジ局長による新ポジション新設に関する発表:
New Counter-Terrorism and CyberSpace Security Positions Announced:
A 2つのポジションの任務内容の説明:
Fact Sheet on New Counter-Terrorism and CyberSpace Positions:

Global Security Org.(米国の安保問題研究機関)のサイト: ご興味の衛星写真、NEWS等ごらんください。:NEWS一例;US electronic surveillance technology comes up short in war on terrorism; By JEAN-MICHEL STOULLIG-The United States possesses an impressive arsenal of electronic surveillance devices highly effective against conventional troop movements but likely to prove less useful in tracking down terrorist networks in Afghanistan, experts have warned. They said satellites, aircraft and pilotless drones can prepare the ground for bombardments and commando operations but cannot replace human, on-the-ground spies when the goal is to foresee attacks and terrorist movements.

米下院の政治改革委員会(Committee on Government Reform)の、政府効率性・金融管理・政府間関係小委員会(Subcommittee on Government Efficiency, Financial Management and Intergovernmental Relations)でのコンピュータ・セキュリティに関する公聴会における証言等。
@サイバー・アタックについて (2001年9月26日)ーInformation Technology ? Essential Yet Vulnerable: How Prepared Are We for Attacks?"  September 26, 2001.

次はホーン委員長の開会声明の一部です。"We have known for several years that our government's critical computer systems are as vulnerable to attack as airport security. It is now 2001, and the government has made little progress in addressing computer security issues. Are we going to wait until these vital systems are compromised - - or worse?  In addition to the threat of physical assault, the nation's information technology systems are already under cyber-assault. Following the terrorist attacks in New York and Washington, the 'Nimda' worm attacked computer systems around the world. These attacks are increasing in intensity, sophistication and potential damage. Is the nation ready for this type of terrorism? Will its basic communications and computer infrastructure withstand a major assault?"

Aコンピュータ・ウィルスについて (2001年8月29日)ーWhat Can Be Done to Reduce the Threats Posed by Computer Viruses and Worms to the Workings of Government?

次はホーン委員長の開会声明の一部です。"The dramatic increase in computer use and the Internet are changing the way we communicate and conduct business. In addition to a wealth of personal information, the government's computer systems hold information that is vital to the security and economic well-being of this Nation.  Unfortunately, these systems are increasingly vulnerable to hostile attacks that are capable of extracting information and potentially threatening the Nation's infrastructure, Overall, the number and sophistication of these attacks is rising dramatically."

強大な感染力の新種ウイルス「ニムダ」 各社が大規模感染の恐れで警報ーMAINITI Interactive. 2001-09-19.

「コード・レッドは中国から」 米下院公聴会で証言 - CNN-2001.09. 1 ; Web posted at: 7:47 AM JST (2247 GMT) -ワシントン(ロイター) 新型のコンピューターウイルス「コード・レッド」が中国広東省の大学から発信されたらしいことが、米議会の調査でわかった。

いまそこにあるサイバー攻撃という脅威 ; Foreign Affaias 8月号掲載
(論文の要旨) 今日の情報戦争は、ハッカーたちが敵対する相手国のコンピューター・ネットワークを機能不全に陥れるという戦闘形態を特徴とする。これこそが、軍事力ではアメリカに遠く及ばないことを悟った他の諸国がアメリカの弱点であるコンピューター・ネットワークを攻撃するという「非対称戦争」である。しかも、サイバー戦争には、法的境界線もなければ、地理的な境界線も存在せず、一般に入手可能な技術で、アメリカの戦争遂行能力を簡単に機能麻痺に陥れることができる。

Cybercrime, cyberterrorism, cyberwarfare.-CSIS TASK FORCE REPORT.1998.
 社団法人 日米文化振興会 安全保障研究所主催 CSIS企画協力 「サイバー・テロ対策」フォーラム(2000年11月15日ー1300−1600ー赤坂プリンスホテルで開催)での配布資料に掲載。(「CSIS」については「検索等サイト」の中段参照)

 TREND MICRO社の「ウイルスSirCam専用駆除ツールをダウンロードできるサイト」

サーバーに侵入;新型ウイルス「コード・レッド」;米軍サイトの大半一般接続一時停止ー産経新聞、2001年7月24日、夕刊?:Code Redは、従来型と異なり、ユーザーがメールを開いたりしなくても感染して爆発的な勢いで広まるワームの一種。ネットのデータのやり取りを管理するサーバーに侵入し、送受信の渋滞を引き起こす。このワームは、Microsoftのホームページ発信用ソフト IIS を使用しているweb server と、OSに「ウィンドウズNT」「同2000」を使っているものに感染する。7月19日に30万台以上のウィンドウズ・サーバーに感染し、インターネットに大きな障害を与えた。「ウィンドウズ95、98、Me」には感染しないとされている。  Digital Islandの予防ソフトへ。  Microsoftの予防ソフトへ