Path: utzoo!attcan!uunet!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!sunybcs!dsinc!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw
From: NZPAM001@SIVM.BITNET
Newsgroups: comp.virus
Subject: Washington Post article (Army Virus Contract)
Message-ID: <0003.9005301400.AA10793@ubu.cert.sei.cmu.edu>
Date: 24 May 90 12:42:40 GMT
Sender: Virus Discussion List <VIRUS-L@LEHIIBM1.BITNET>
Lines: 77
Approved: krvw@sei.cmu.edu

For possible interest, I'm forwarding the following article from yesterday's
Washington Post:

        The Washington Post, Wednesday, May 23, 1990
        By:  Evelyn Richards

        Army Scouting to Enlist Aid of Computer Virus

             Wanted:  Experienced computer hackers capable of breaking
        into enemy software systems and destroying secret files.
        Knowledge of computer viruses a must.
             Such a solicitation may not be that far fetched, considering
        the latest contract being put up for grabs by the U.S. Army.
        its secretive Center for Signals Warfare in Warrenton, Va., is
        seeking bids from businesses to study the feasibility of
        disabling enemy weapons systems by infecting them with
        disruptive computer programs.
             "We're looking to see if we can develop some malicious
        software concepts...[to] use against some adversary's command and
        control system," said Richard Poisel, the Army center's chief of
        research and technology.  He called the bid solicitation an
        effort to find businesses that could help in the "research
        effort," though he admitted it could draw a few run-of-the-mill
        hackers.
             In particular, the Army hopes to explore the use of so-
        called computer viruses--a type of unwanted software program that
        can propagate undetected from one computer to another, thwarting
        the computers' normal functions and sometimes garbling date.
        Incidents of computer sabotage have swept the country in recent
        months as hackers become increasingly efficient at breaking into
        the systems of businesses, universities and research centers.
             But what the Army envisions would be far trickier for your
        average hacker to pull off.  The biggest obstacle would be
        figuring out how to implant the enemy systems with the dreaded
        software.
             One answer suggested by the Army is to somehow transmit the
        malicious software code over radio waves.  It apparently figures
        that the troublemaking software could be inadvertently accepted
        by an adversary's system as it was receiving other information
        over the air.
             But some computer experts say the concepts borders on the
        absurd, in part because  such communications systems would likely
        contain elaborate schemes to protect against intrusions.  Also,
        altering software requires an intimate knowledge of how it
        operates under normal conditions, something that the United
        States would be unlikely to have in hand for a rival's system.
        And most military computer system cannot be reprogrammed by
        remote control.
             "It's equivalent to walking up to an arcade game and
        changing the programs of the game ... with the joystick," said
        William Murray, a computer security consultant who works with
        Deloitte & Touche in Connecticut.
             Not everyone is convinced the idea is so far-fetched.
             Myron Cramer, an electronic warfare specialist at Booz,
        Allen & Hamiltion Inc. in Bethesda, sees a day when viruses could
        be remotely injected into enemy computers that support air
        defense and battlefield control systems, lurking there covertly
        until they spring into action.  He even has described an
        "assassin" virus that could wreak widespread havoc and then erase
        itself, leaving no trail behind.
             Some experts also believe that evaluating such possibilities
        could help the United States plug its own vulnerabilities to
        computer disruptions.  Indeed, some computer specialists who were
        told of the Army's proposal said that the Untied States, more
        than any other power, is prone to be a victim of malicious
        software.
             "In any kind of environment where you'd want to set
        something like that loose, our forces would likely be more
        vulnerable than anyone we would be up against," said Eugene
        Spafford, a Purdue University professor who specializes in
        computer security.  "We have more computers and ours are more
        homogeneous than what others would be running."
             Is the Army, by soliciting such research, encouraging
        computer tempering in the commercial world?  Poisel doesn't think
        so.  "The Army developed the M-16 gun for military uses but
        certainly would discourage the private sector from using [it],"
        he said.  "It's not really an issue."