SEC JUN 0 1995 - H1035 inc-114140145 uric Nonlethal Technologies Worldwide ON 2 BY COR USAINSCOM FOUPO AUTH PARA 1-003 DOD 5200 14 NGIC comme Inna-mun 100 15-6- I 55015 WERE a- g CHEMICAL EFFECTORS WORLDWIDE mmichwDefeuMednnims 'H-g elationAgents Additives MAir Micromets'l Oxidants I Overview Former Soviet Union FSUChina Capabilities Acidi cationlCon'osion Agents Overview Foreign Interest - - - - - - - - - - - - - - - - - Abrasives - - - - - - - - - - Foreign Interest -- Sodiumand Vanadium humming Agents Introduction Riot-Control Agents RCATearAgeots Vomiting Agents hicapacitants i3 Paralyzants 13 Obscurants 14 Introduction l4 Neutral 0mm 14 Agent Obscunnts l7 Emb ttling Compounds 18 Net Assessment 19 BIOTECHNICAL EFFECTORS WORLDWIDE 23 lmroduction 23 Fuel Stabilization Foams 25 mome v'con gum PARA 1-503 09053994812 Lu I SECRET Contents Continued Former Soviet Union 25 Biocorrosion Agents 25 Introduction 25 Former Soviet Union FSUNet Assessment 27 ACOUSTIC WORLDWIDE 3 modulation -31 lnfrasound Bioeffects 37 hrfrasound Generation and Propagation 38 Net AssessmentWORLDWIDE 43 '1ntroductiorr 43 Mo equerryWeaporrs 43 Laser Weapons - 46 The Eorrner Soviet Union FSU47- Armenia 47 France and Germany 47 China 48 Iraq 49 Israel 49 Jordan 49 Cunmemial Laser Weaponization 49 S'mhe g'x 49 Net Assessment 49 KINETIC WORLDWIDE 53 Introduction 53 Grenades 53 Bulk Dispersal Systems 56 Entanglementhets 56 Baton Cartridges 60 Net Assessment 60 INFORMATION WORLDWIDE 61 Introduction 61 Electronic Intrusion 61 Malicious Software 64 Net AssessInent 66 CONCLUSION 67 Nonle ral Mil Warfare 67 Henrietta Biotechnical Warfare 67 Noniethal Acoustic Warfare 67 EGFIADED UNCLASSIFIED con USAINSCOM more Contents Continued Nonlethal Electromagnetic Warfare 68 Nonlethal Kinetic Warfare 68 Norrlethal Information Warfare 68 Distribution List Appendix - - - it - A List of Abbreviations and Acronyms 69 Tiles 1 Oatmtries 'Vice Interest and Capabilities in Nonlethal Technologies Extent and Emerging2 - Selected Nonlethal ClremicalAgent Designator and Agent Effectiveness 6 3 Chemical E 'ectOrs Worldwide 4 Agent'Obscurants Vice Spectrum Vulnerability '16 5 Countries Engaged in Liquid-Metal Embrittlement 18 6 Critical Contributing Technologies Required to Produce Chemical 5 Nonletltal Fuel-Defeating Agents 20 i 7 Projected Foreign Gternical Nonlethal Fuels Defeat Capabilities 2000 21 i 8 Critical Contributing Technologies Required to Produce Biological Nonlethal Fuel-DefeatingAgents 29 i- 9 Projected Foreign Bioiogical Nonlet'nal Facts Dam capabilities 2000 29 10 Radiofrequency Weapons Technology Worldwide 51 11 vs Nonlethal Laser Capabilities 51 12 Worldwide Stun Grenades 54 Figures 1 Tank Engine Exhaust Valves After 12-Second Combusrion Modi er Test 3 2 Russian Mobile Lidar 3 3 French MP7 Jet United Kingdom No 83 N201 12 5 lsrael Antiterror Weapon Model Fuel Clogging Microbe 24 7 Russian Fuel Oel1FoIm Sample 26 8 Russian Ultr'anationalist 3 February 1994 Claim of Secret Acoustics Weapons 32 9 Directed Acoustic Weapar Concept 34 10 Directed Acoustic Ommnneasur11 Engagement Scenario 36 12 Acoustical Detonation Wave Generator 36 REGRADED UNCLASSIFIED BY OUR USAINSCOM FOUPO AUTH PARA 1-803 DOD 5200 1-Fl - - SECRET INTEL Contents Continued 13 Rep-Rated Cruise Missile Concept 44 14 Russian High-Power Microwave Coumelmine System 45 15 Model of Russian 50 kW High Power Laser System 47 16 Schematic of Russian Gas-Dynamic Loser Mobile Complex for Remote Cutting 48 17 South African Shobe Light 50 1820 Polish An pemonnel Net System 59 NONLETHAL INFORMATION EFFECTORS WORLDWIDE 5 0 ittr'oduclion U Computer viruses are another unconventional dis- daling effeCt already alarmingly demonstrated by hackers both domestic and international The informa- tion warfare technologies addressed in this section computer viruses malicious codes information distor- tion and surreptitious insertion loom as some of the greatest potential threats to a digitized information- based modern army Undetected such weapons could disrupt tactical or even national defense mechanis of a computer-dependent infrastructure U increasing concentration of information in com- puters computer systems and networks that support command control communications intelligence and other military applications has made information tech- nology a competitive weapon of unparalleled power and importance Atthe same time the utilization of in- formation technology has made possible the compro- mise or corruption of critical information and the disruption of information services U Both electronic intrusion into computers arrtl net- works and the use of malicious software computer vi- ruses Trojan horses worms logic bombs and the like have the capability to supply an adversary with the r 5 -data modify 'md'tnanipulate data or disrupt operation of computer systems Manic Intrusion U Experts have assessed thatcomputers with net- work connectivity or dial-up access can be entered by an electronic intruder from anywhere in the world Gaining access to these computers through a network connection is relatively simple costs very linle and typically involves little risk of detection Information on systems and networks is readily available from a va- riety of sources including professional journals text- books and computer bulletin boards Information about operating system vulnerabilities is frequently provided in publications of the computer underground Many intruders are familiar with phone company equipment and software U In general to access an automated information system an intruder must obtain system user identi ca- tion and passwords These may be provided by legiti- mate users intentionally or unintentionally found by testing common or logical passwords or through use of certain software tools The intruder then attempts to identify and take advantage of known vulnerabilities in the hardware software or system operation Once an ofintereerte may itstall a trap door a software mechanism that permits system protection to be circumvented and al- undetected FOUO Once an intruder obtains a valid password ID hecanmasquerade as alegitirnate user lithe in- administrator or system programmer he can grant himself superus- er privileges allowing him to modify or delete st SECRET sacral if 55 2 5 2 3 2 5 can 71 $04 WINTEL programs data index tables and legitimate user privi- leges in addition he can then alter the audit trail to hide his presence When inside the system the intruder has the opportunity to modify data or programs Intruders often share information through 'I'tlectronic bulletin boards BBS electronic computer magazines ECM eometimes called phracks and other publications of the computer underground BBS and ECM provide tips and techniques on computers spewing systems passwords computer addresses hacking data and telemone lystems and manipulating the telephone system phreaking Similar irtforruation is frequently avail- able in mainstream computer publications as well One phraclt even contained information on the data tion standard DES DES a complex nonlinear ci- phering algoritlun is one of the most frequently used methods gure 22 Defense and defense-related computers have been subject to intrusions of this type on a number of occasions I Over a period of several years ending with their arrests in March l989 a group of former West Germans now re ned to as the Hannover hack- e' see 9 it never to access over 750 computer systems 111$ included databases or networks hosted by at leasr 90 US defense or defense-related facilities According to press reports Dutch teenagers gained access apparently through an INTERNET connec- tion to computer systems at 34 sites includ- ing the Air Force Weapons Laboratory the David Taylor Research Center the Army Information Sys- tems Command and the Navy Ocean Systems Cen- ter during Operations Desert Shield Storm They were snoOping in sensitive rather than classi ed military information The intrusions normally involved broad-based keyword searches including such words as rockets missiles and weap- ons They exploited a trap door to pennit future access and modi ed and copied military informa- tion to unauthorized accounts on US university sys- terns Although no customer was identi ed the data collected by this group could have been sent 6 ers used telephone lines from and l-lan- electronically anywhere in the world Information Available from Computer Magazine The following advertisements were copied from the December I991 issue of Coroputer Craft formerly Modern Electronics COMPUTER TROJAN HORSES VIRUSES WORMS etc and counterrneuum Includes diet with of hacker text files and utilitiea and legendary protection system ED Choice PC Magazine Dozen of computer crime and ahuae methodl and countennemraa How systems are penetrated BBS advice Wt defeats gleam-y much more Monks-Disk $39 EEYOND VAN ECK PHREAKING on VDT and TV video aignala using an ordinary Rangea up to Plane countermeasures Include legal Van Eek uses and original Top Secret Van Eek design 329 SIS TECH Five powerful merits-driven eryplo programs in COM and their BAS aourou to analyze 'mtlre' ciphel llnl Worked-out example Indemni ed in prestigious COMES 8 SECURITY Manual 4- Disk 29 Figure Wu teerrua Hernia ate SECRET I An unauthorized user entered several systems at Lawrence Livermore National Laboratory in early December 1988 using a vulnerability in the le transfer protocol of UNIX to achieve system man- a'ger status This allowed him access to six Sun workstations and VAX machines Although the Irditrecords Hedldootappeartobeafterany par- -_hrta-eakingintonewaystems 'I hebaekerusedthe INTERNET routed his calls through crmputers In several universities including Stanford the Uni- New Jersey I In June 1992 British authorities arrested a group of hackers In the United Kingdom Data retained by the hackers included information on computers in New Zealand Belgium Finland and other coun- tries password les from various computers and scripts of sessions between themselves lad other hackers Although the full extent of their activities is still unclear a review of information to this indicates that the hmkers accessed the follow- Electronic intrusion is a signi cant artd grow- ingtlueat through network interconnectivity from virtually any- where in the world because of the interconnection of the public telephone system artd military and civil com- munication systems The collective skill set or unau- thorized users is high The globalization of network connections and the availability of information about shared in addition to providing an avenue for attack netwurk connectivity also provides a mearts by which snacks can be coordinated Foreign Intelligence Ser- vices F18 clearly are irtterested in the skills required to access automated information systems they may be interested in the hackers themselves as well While in- dividuals operating independently represent primarily nuisance threats the orchestration of groups of unau- thorized users is potentially very serious Wiclous smware U Malicious software is software that is engineered tncause acomputerto actin amannerotherthan that intended by its users and includes such programs as Trojan horses logic bombs worms trap doors bacte- ria computer viruses password traps and others gure 23 Examples include software designed to circumvent security systems illicin access data or processors cause damage to computing systems or ma- chinery controlled by them modify or destroy data or initiate processes or actions unintended by the comput- er cperator Malicious software can cause loss of pro- ductivity system interference or lockup corrupted les loss of data unreliable applications or even sys- temarashes zation hundreds of thousands of dollars both in terms of lost data and the time it takes to recover from a ma- licious software attack If the attack occurs during a critical military operation the results could be deadly U Malicious software is already pervasive through- out the world and the capability for its production is growing Although there have been no veri ed inci- dents of deliberate use of malicious software against the United States by an adversary it could and may in the future be targeted against communications trans- portation banking power and computation systems upon which both industry and the military might de- pend Whileviruses arefarmore prevalentthan f rojan horses worms or logic bombs the latter have the potential to do fargreaterdamage They are harderto detect and are generally written by more expert pro- grammers with speci c goals in mind Many foreign wuntries have been the source of malicious software origin however is not always apparent because for i 't sealer 73 3' i a- i I Figure 23 Hornet Mon at hilt-thus Software example a computer virus can propagate through any number of computer systems before it is discovered it is not surprising then that documented evidence of ac- tual malicious code introduction by FIS or military is not available An adversary would not be willing to ex- pose such a capability during peacetime There has been evidence of HS intent to introduce computer vi- ruses however W Prior to the August 1991 coup attempt the KGB was developing computer viruses with the in- tent of using them to disrupt computer systems during times ofwar or crisis nearly 1991 altighly restricted project was undertaken by a group within the Military intelligence Directorate of Cuba s Ministry of the Armed Forces The group was instructed to obtain in- formation to develop a computer virus to infect US civilian computers The group Spent about $5 000 to buy open-source data on computer networks computer viruses SATCOM and related communications tech- nology Details of this speci c endeavor are not known however the point is that such efforts continue to be made and could potentially cause ireBarable harm to any nations defense a scope for the military use of malicious soft- ware both strategically and tactically is large and as the offensive potential forthis type of weapon becomes apparent governments are more likely to become in- volved ftware re Erin addition to military targets adversaries may tar- get a country's infrastructure as well public 74 sat - 3 co 8 3 to SECRET telecommunications nancial networks power grids outsportaticn air traf c control upon which government industry and military de pend Similarly the adversaries may not be military or government groups but terrorist organizations political social activists or commercial entities No such groups have been speci cally identi ed as having an interest in the use ofmaiicious software or assessed to have the capability to use It There are any number of permutatiom of motives means and targets that can be attributed to such groups and because little is brown about them capabilities and intents are almost hnpossible to assess em The development of malicious software requires little in the way of resources a few comput- ers and an individual or group with the appropriate ex- pertise making a malicious software RritD program easy to support as well as easy to hide Inserting the malicious software into the target system however is more problematic Trusted insiders may have to be re- eruited or electronic intrusion methods attempted - lf SEC Net Assessment U In addition to the information distortion possibili- ties of electronic transmissions to tactical systems many other aspects of military command control com- munications and intelligence C31 is controlled or in- fluenced by computers The reliance on computers alternated weapons and other automated systems crit lcal to the performance of military missions has grown tremendously in recent years and will continue unabat- ed into the next cenniry Computer viruses and other malicious software are already pervasive throughout the world and the capability for its production is grow- ing Probably every country in the world where there is a computerhas been victimized at least once by ma- licious software and more than 60 different countries have been identi ed as the source of at least one com- puter virus 75                     National Security Archive    Suite 701  Gelman Library  The George Washington University    2130 H Street  NW  Washington  D C  20037    Phone  202 994‐7000  Fax  202 994‐7005  nsarchiv@gwu edu