Botnets As "eWMDs" 172
John Kelly writes "The current issue of Policy Review has a paper by an American computer scientist and the recent Permanent Undersecretary of Defense for Estonia. Drawing on the Estonian cyber attacks a year and a half ago, as well as other recent examples, they argue that botnets are the major problem. They propose that botnets should be designated as 'eWMDs' — electronic weapons of mass destruction. The paper also proposes a list of reforms that would help to limit the scale and impact of future botnet attacks, beginning with defining and outlawing spam, internationally." Many of the proposed solutions are common-sensical and won't be news to this audience, but it is interesting to see the botnet threat painted in such stark terms for readers of the Hoover Institution's Policy Review. For a more comprehensive overview of cyber-security threats, listen to NPR's interview with security experts on the occasion of the release of a new report, "Securing Cyberspace for the 44th Presidency," which recommends creating a cyber-security czar reporting to the President.
Can we get back to the old definition of WMDs (Score:2, Interesting)
WMDs used to refer to nukes. Nuclear weapons destroy mass. That's why it's weapons of mass destruction and not weapons of massive destruction.
http://en.wikipedia.org/wiki/Weapons_of_mass_destruction#Evolution_of_its_use
Re:Even though no one dies from them. (Score:4, Interesting)
What if a hospital's infrastructure was taken down by a botnet immediately after a natural disaster?
Re:wmd comparison (Score:3, Interesting)
Perhaps we should stop calling them "Weapons of Mass Destruction".
Weapons of Mass Effect is a broader term that encompasses bio/chem warfare, EMPS, dirty (radioactive) bombs, large conventional explosives, planes flying into buildings, etc.
And WME would also include things like botnets and malicious worms.
An eWMD shuts down water supply: people have to resort to bottled water and, in a worst case scenario, boil rain water; for a few weeks
It would literally be impossible to truck in enough potable water to sustain even a relatively small population center. In a city of millions, the only solution would be mass relocations. Even if the population center could be sustained on bottled or boiled water, all kinds of commercial and industrial activity would grind to a halt.
Modern society would be crippled without any of the following: highways, electricity, sanitation, and potable water.
Re:wmd comparison (Score:3, Interesting)
There is no reason to have that kind of equipment connected to a public network. Period.
People say that all the time, but it's simply not true. Coordinating a variety of utilities and their major consumers makes sense. Having the wind farm aware of the local weather predictions, the hydro plant aware of the seasonal rainfall expectations, and the nearby aluminum refinery aware of both of their likely outputs has real value. Your options are then to either build some alternate network and then move data on and off it in some kludgey fashion that isn't 100% secure (there's no rule that says you can't hide a buffer overflow in the weather report that's about to be delivered via USB drive...), or to acknowledge the value and cost of connecting it all to the Internet and accept both the risks and rewards.
Now, I happen to agree that these networks should remain separate, with the best barriers between them we can manage. I think the risks outweigh the rewards, and not by a trivial amount. But pretending the rewards are nonexistent is either naive or disingenuous.
Re:Can we get back to the old definition of WMDs (Score:3, Interesting)
I've had a quick read of that link, and I can't find anything that suggests mass was ever meant as mass in the physical sense, rather than just a shortened version of massive. Perhaps I missed something?
Re:What masses, specifically, have botnets destroy (Score:2, Interesting)
Re:What masses, specifically, have botnets destroy (Score:1, Interesting)