7007436
story
Comments: 101 +- Technology: US Cybersecurity Plan Includes Offense on Saturday November 14, @10:16AM
Posted
by
Soulskill
on Saturday November 14, @10:16AM
from the take-aim-at-their-internets,-soldier dept.
from the take-aim-at-their-internets,-soldier dept.
background: url(//a.fsdn.com/sd/topics/topicsecurity.gif); width:59px; height:78px;
security
background: url(//a.fsdn.com/sd/topics/topicmilitary.png); width:98px; height:98px;
military
background: url(//a.fsdn.com/sd/topics/topicus.gif); width:80px; height:61px;
usa
background: url(//a.fsdn.com/sd/topics/topictech2.gif); width:60px; height:80px;
technology
z4ns4stu writes "Shane Harris of the National Journal describes how the US government plans to use, and has successfully used, cyber-warfare to disrupt the communications of insurgents in Iraq. 'In a 2008 article in Armed Forces Journal, Col. Charles Williamson III, a legal adviser for the Air Force Intelligence, Surveillance, and Reconnaissance Agency, proposed building a military "botnet," an army of centrally controlled computers to launch coordinated attacks on other machines. Williamson echoed a widely held concern among military officials that other nations are building up their cyber-forces more quickly. "America has no credible deterrent, and our adversaries prove it every day by attacking everywhere," he wrote. ... Responding to critics who say that by building up its own offensive power, the United States risks starting a new arms race, Williamson said, "We are in one, and we are losing."'"
Related Stories
Time is an illusion perpetrated by the manufacturers of space.
All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.
what about anonymous? (Score:2, Funny)
Who needs a botnet when you have a labotomized group of internet hooligans who only need a target worth harassing?
Re: (Score:3, Interesting)
Because you can't budget for internet hooligans. You need to put them on specific payroll if you are to create your own personal fiefdom. Never forget, there is no incentive to save when your organization has no real limits on its "funding". When all you have to do is declare that people will pay you more, and they either do, or you declare that your going to take a loan out on their behalf, there may be an overall percieved need to "keep costs down" but, never "in our department".... no... because from the
Re:what about anonymous? (Score:4, Insightful)
Because you can't budget for internet hooligans.
In the 90s the military establishment began to realize and fear that the methods we had in place were dedicated to force on force conflicts but that terrorists - especially postulated nuclear ones - had no solution. Within a decade, that proved prophetic (although thankfully, not the nuke part).
From TFS:
Williamson echoed a widely held concern among military officials that other nations are building up their cyber-forces more quickly.
Looks like déjà vu all over again.
No one is ever ready for the upcoming threat - they're too busy safeguarding against the last surprise.
Reply to This
Parent
Re: (Score:2, Interesting)
Ironically we did. But there are too many organizations and the one dealing with military threats clearly wasn't aware of the others. The best way to deal with terrorists is secret service. They only need tweaking and infiltrating. Pay a few officials, assassinate a few others, done. The idea th
Re:what about anonymous? (Score:5, Insightful)
Ask the british, french or the romans, most of the countries they conquered don't hate them... and the US was just liberating countries. Something to do with trade, peace, talks, cultural exchange, improving the country and oh... not killing them in droves followed by massively dropping the standard of living.
The British , French, and Romans killed lots of natives building their empires, they had no compunctions about doing it, and they certainly didn't feel bad about it after. So did the Spanish, for that matter. They also imposed their own laws on other cultures, and taxed their new "subjects", drawing more wealth out of the colonies than they put in, thereby driving down the local economy. The primary reason for being a colonial power has always been to exploit someone else's wealth.
The US has built (or rebuilt) a lot of infrastructure in the wake of its various invasions. The standard of living in these places would be a lot higher if said infrastructure wasn't still being blown up, this time by people other than the US.
Not justifying invasions or civilian deaths, just saying I don't agree with your comparison.
Reply to This
Parent
Re: (Score:3, Insightful)
Agreed. The places the US out and out invades usually get rebuilt pretty well, from Germany and Japan through 1990s and 2000s Iraq and 200s Afghanistan.
The ones that don't actually get invaded though... those are the ones that really generate the anti-US sentiment. From all the destabilizing and dictator installing that was done in South America to the fooling around in Afghanistan and Iran and Iraq in the 80s.
Re: (Score:3, Interesting)
The US seems to be a complete dichotomy with regards to its Empire. Inside the US, the citizens struggle to maintain democracy and the laws of their constitution against those who want to restrict and change them. They support the rule of law (although of course differ on what that means), and are very concerned with the rights of their individual citizens. Its a fascinating process to watch (I am Canadian).
Outside the US, anything goes and the Munroe Doctrine supports that. While usually US foreign policy
Re:what about anonymous? (Score:4, Insightful)
> In the 90s the military establishment began to realize and fear that the methods we had in place were dedicated to force on force conflicts but
> that terrorists - especially postulated nuclear ones - had no solution. Within a decade, that proved prophetic (although thankfully, not the nuke
> part).
Actually, I tend to think Lawrence Lessig's essay "Insanely Destructive Devices" addressed the issue quite nicely. Technology that can be used for good can always be turned for evil. As technology expands what a person may easily do, or what a small group of people may do, it MUST ALSO expand the amount of harm a person can do.
Its hard to argue that explosives and guns have not increased the damage of an individual with access to them going psychotic and deciding to kill. I am afraid that this threat is unavoidable. So too the threat of determined individuals with a rational or semi-rational goal of destruction are even more amplified. Terrorism *IS* rational from a soldier at war's viewpoint.
So, in the end, the ONLY viable solution, besides attempting to raise the bar just enough to mitigate as much as possible the "crazy lone wolf" threats, is decreasing the rationality of terrorism. ONLY by stopping such groups from forming in the first place and growing will they be stopped.
This is why I actually believe that things like torture programs get more people killed. The hypocrisy of championing due process, the rule of law, and civil rights and then instituting secret programs of detention, rendition, and torture are not lost on the enemy. They join up BECAUSE they know we are hypocrites, it is why they joined.
Hearts and minds are the only battlefields that matter in the end. The rest is just those victories and defeats playing out.
-Steve
Reply to This
Parent
Re: (Score:2)
Of course, building a botnet is per se an aggressive move, either against your own citizens or to foreing (enemy or not) countries, if it spreads over their computers. And the easiest way to get attacked by your own tools (
Re: (Score:2)
Oh, I think you know why not Anonymous.
NOT YOUR PERSONAL ARMY.
The high ground (Score:2)
Wait what? (Score:5, Informative)
"America has no credible deterrent, and our adversaries prove it every day by attacking everywhere,"
Well that's just it you can't build a razor wire wall and laugh as people cut themselves trying to get through it. It seems to me the first mistake to be made is to treat a digital front as if it was a front in an actual war. All you're doing it guarding secrets most often, or sometimes vital services. Best way to protect them is physical separation from civilian networks. I know my friend who does communication translation for the military works on a network where they mirror a hand full of sites (wiki among them) every week and host them in house simply because having the network connected to the internet at large is just to risky.
Reply to This
Re: (Score:3, Insightful)
I don't really understand how this is even an issue. I seem to remember reading an article almost a decade ago [sadly I don't remember the source] which explained how the NSA operated their networking and it was EXACTLY what you're saying. The only connection their networks had to the outside world were stations with two terminals, internal network on one and external networks on the other with the agent in the chair being the ONLY connection between the two.
No amount of efficiency gained is worth having tr
Re: (Score:2)
I don't really understand how this is even an issue. I seem to remember reading an article almost a decade ago [sadly I don't remember the source] which explained how the NSA operated their networking and it was EXACTLY what you're saying. The only connection their networks had to the outside world were stations with two terminals, internal network on one and external networks on the other with the agent in the chair being the ONLY connection between the two.
No amount of efficiency gained is worth having truly sensitive data being ANYWHERE on an exposed network.
In one of my formal environments, there were networks like this; all the very sensitive kit is tucked away on aggressively segmented if not air-gapped networks. However, there was a time when we were migrating the firewall infrastructure which would involve complete disruption with the public internet for the non-critical / normal internal network. We had to reschedule twice because the critical business didn't have another way of passing on data to / from their international partners. It's not that they
Re:Wait what? (Score:4, Interesting)
FWIW:
I remember reading, I think it was a decade or two ago, about a Nuclear plant that had in internal network for just that reason. And total separation.
Then they hired a consultant to test or fix something, and that consultant brought in his computer and hooked it up to their network, but he needed some info that was kept on his company's site, so he also hooked it up to the main internet.
Well, the virus wasn't all THAT damaging, THAT time.
Separating the nets is VERY desirable. But if you really want to be safe, you need to also use different communication protocols. Different strings for local URIs, etc. Even a simple change would probably be enough, but even a simple change would be a tremendous hassle to implement.
Say you adopt the httq protocol instead of the http. Now you need to modify all the programs that expect http...because you don't want a rogue http link that sneaks in to be able to be processed. Quite a simple change... You'd want a series of changes at about that level of simplicity, and at all 7 levels of the protocol stack. Each one trivial.
Now try to run your MSWind software.... Whoops! All you can run is software that either doesn't depend on the net, or is specially crafted. This means OSS, and practically FOSS software.
(I suppose there might be simpler solutions, but every one I thought of I soon saw holes in.)
Reply to This
Parent
Reminiscent of the Cold War (Score:4, Insightful)
And when the USSR collapsed, we learned that the entire time they had been at least two steps behind us.
My opinion is that our infrastructure is in such disrepair that if hostile powers had the capability of cyperterrorism, they would have to practice extreme restraint not to use it to put the entire nation in a blackout for a month. If that means they're waiting for a combined-arms assault, then offense is not going to help us when our "military botnet" doesn't have any electricity to run on.
The recent scare about cyberterrorism causing blackouts in Brazil, only to find that those blackouts were more likely due to natural causes in a poorly maintained electrical grid [slashdot.org], supports my point.
Reply to This
Re:Reminiscent of the Cold War (Score:4, Insightful)
And when the USSR collapsed, we learned that the entire time they had been at least two steps behind us.
Would you have had it any other way? If we had not maintained our paranoia of the Russians one-upping us, would we have maintained our edge? I'll let history stand as the best outcome of the cold war without trying to second guess what would have happened if we had not taken the position we did. The illusion of a perpetual stalemate is certainly preferable to the alternatives.
Reply to This
Parent
Re: (Score:3, Informative)
While it's true that we severely overestimated their number of ICBMs and their production capabilities, there were a number of places where the Soviets were ahead of us:
* fighter aircraft maneuverability
* Lunakhod (decades before the Mars rovers)
* tanks
* Sputnik
And Sputnik was indeed a military coup. If you've seen the boost vehicles blowing up while we tried to match them, I'd ask you to consider the panic that that created. Sputnik proved the Soviet capability to put a package into a low orbit - kind of
Re: (Score:2)
tanks??? what about the m1 abrams? what comes even close?
Re:Reminiscent of the Cold War (Score:4, Funny)
But But But, I want my Kuang Mark 11 to slot into my deck!
Reply to This
Parent
Re: (Score:2)
Also, the military gets paid.
Can't happen (Score:2)
I have friends working for the Navy who are taking > 6 months just to order a fscking desktop computer.
I doubt the DoD is capable of pulling this off.
This Sounds Like (Score:3, Funny)
Reply to This
Some of the ways theey're taking down email (Score:2, Funny)
...proposed building a military "botnet," an army of centrally controlled computers to launch coordinated attacks on other machines.
Dear Terrorist:
I am a Jihadist in Nigeria with $10 million and if I put it into a bank, those infidel Americans will freeze it. If you send me $5,000 to open an account in the Cayman Islands, I will put you in for half!
Or the other one:
Dear Terrorist:
Do want a LARGER penis? With a LARGER penis, you'll be more of a man and be able to take out those infidel Americans! Buy V1@gr4 from us! We will make you BIGGER and STRONGER! Allah be praised!
or:
Make BIG MONEY selling AK-47s from home! Make even more with I
Strangelove (Score:4, Funny)
Mr President, we must not allow a script-kiddie gap!
Reply to This
Re: (Score:2)
Just like the "bomber gap" and the "missile gap" which were either paranoia-driven nonsense or a simple (but effective) way to get finding for weapons that no-one needed, or used.
Maybe the best way america could defend itself from the threat of baddies with computers would be to cut themselves off from the rest of the world.
Re: (Score:2)
Maybe the best way america could defend itself from the threat of baddies with computers would be to cut themselves off from the rest of the world.
Good idea - we should even hide from them.
In mine shafts.
Botnet? (Score:2, Funny)
dept. (Score:2)
Attack them with viral printers! (Score:2)
http://www.theregister.co.uk/2003/03/10/one_printer_one_virus_one/ [theregister.co.uk]
Hoax or incredible cover-up?
no deterrent??? (Score:2)
how about "cease your cyberattacks or we unplug your country from the internet"
USA? Prepare for us to take over your puny botnet! (Score:2)
We get paid by every single big criminal out there.
We have decades of experience.
We are the best in the world.
We wish you goood luck! ^^
Greetz,
Your Russian hacker community.
Oh... :-\ (Score:3, Funny)
Reply to This
Re: (Score:3, Insightful)
You know what's a better idea? Leave those damn servers alone and let everyone see for themselves what a nutjob your enemies are. Bringing their servers down won't bring the poor sod in the video back to life, but it might make sure that next time you have something tangible to act on (like invading a "rogue" country) other countries will root for you.
Re:Well (Score:4, Insightful)
Second: Any rational, independent-thinking person knows there is a considerable difference between filming action between armed combatants on a battlefield, and the producing a video of the execution of an innocent, helpless, non-combatant hostage. Furthermore, in the first situation the video is a by-product of the main action. If anything, knowledge that the battle is documented may inhibit excessive violence. In the second situation, the video is the primary aim of the action, and because the nature of the video is to cause terror, it encourages greater inhumanity in its actors. But then again, you already knew that.
The hypocrisy and filthy double standard here is in those who would equate the actions of nameless, faceless terrorists with those of the US military. While they are far from perfect, all branches of the US military bring court martials against those in their command believed to have committed atrocities. There are those who would argue that little has resulted from them, (and they would mostly be right) but that misses the point: No terrorist organization holds (or attempts to hold) itself to nearly the same standards that the US does. No member of al Quaida has ever faced a disciplinary hearing for bombing a mosque, market or school. No insurgent has ever been indicted by his own organization for intentionally targeting innocent civilians. Far from being despised, they are called heros. But then again, you already knew that.
There are times the US should listen more closely to other voices in the world. Just not to yours. Quite frankly, I wonder why you think the US should give a damn about your opinion, or the opinion of people like you. Not because you think differently, or because we're evil, or we don't listen to our neighbors, but because you obviously care more about your anti-American agenda than you do about dialog. But then again, you already knew that.
Reply to This
Parent
Re:Just give it time (Score:4, Insightful)
In ten or twenty years USA won't be a country worthy of attacking
You must be too young to remember - that was a popular 70s meme, with the US being the new Roman Empire on its way to an accelerated collapse.
Don't count the US out until you can count 10. Maybe the reason for its endurance is that the US is really never just one nation of one people.
;-)
:-P
Reply to This
Parent
Re: (Score:3, Interesting)
Don't count the US out until you can count 10. Maybe the reason for its endurance is that the US is really never just one nation of one people.
Discussions of exceptionalism aside, you must find the term "homeland" (as in "Homeland Security") as inappropriate (even funny) as I do.
Re: (Score:2)
Discussions of exceptionalism aside, you must find the term "homeland" (as in "Homeland Security") as inappropriate (even funny) as I do.
I fucking hate it and it's nothing short of the modern equivalent of Der Fatherland.
I'd find it funny but for the clodhopping jerks in the our country (the US) that somehow _relate_ to it.
I blame the religious right.
Re: (Score:2, Informative)
It's "das Vaterland".
Just saying.
Re: (Score:2)
Thanks, but I translated that into fake-German-in-old-WWII-movie-speak, in hopes that any homeland-lovers reading that would wake up. ;)
Re: (Score:3, Interesting)
It might be a wee bit early to go claiming endurance.
The US has been a superpower for less than 60 years, and has existed for less than 250 years.
The Roman Empire, which you mentioned, and most of history's other great civilizations, were around for rather longer.
Re: (Score:3, Insightful)
Seriously? You really think it's a wee bit early to attack the idea that the US will be of no consequence within two decades?
The Roman Empire, as I mentioned it, was in comparison to our stated decline and decadence in the 70s.
I never said - nor even got in the neighbor of saying - or predicting - how long the US would endure. All I said was that I question less than 20.
If you're gonna snipe, pick words, concepts or sentiments that I actually express as a target.
Re: (Score:3, Insightful)
That's not what I said. I said, and I quote, "It might be a wee bit early to go claiming endurance." You said, and again, I quote, "Maybe the reason for its endurance is that the US is really never just one nation of one people."
The US is far too young to have shown much "endurance" and certainly too young to need explanations like because it "is really never just one nation of one people."
If the US makes it, in recognizable form, to the magic thousand years that all the big empires seem to aim for, THEN
Re: (Score:3, Insightful)
If you haven't noticed, during that period of time the US *HAS* followed in the steps of the Roman Republic. Not precisely in lock-step, but close. I hope that there's enough play that we escape the horrendous Marius vs. Sulla civil war, but the democracy of the country has declined severely during this period. The presidency has become more imperial. The orders of the president are less subject to question. Etc.
OTOH, now that the US has defeated it's last major enemy (Russia....for some reason China d
Re:Just give it time (Score:4, Interesting)
They're like "that survivalist guy with a whole basement full of guns, ammo, grenades and a rocket launcher or two". It'll be suicide to go up to his house with a BB gun and shoot at it.
If anyone wants to hurt the USA they'd have to do it more sneakily - so there's no obvious target for their nukes, cruise missiles, bombers etc.
Same goes for this "cyberwarfare" thing. A massive concerted attack from your country against the USA will just get you bombed.
The US media likes to make noise about China/<bogeyman of the day> launching cyberattacks on US servers. The fact is, if the Chinese Gov was really involved, the US Gov will just call the Chinese ambassador in, and say: "Hey stop that now". But really which government is going to do that? If my government wanted to start a war with the USA - cyber or otherwise, a real act of patriotism would be to shoot the idiot leader(s) who came up with that idea.
The attacks are mainly from a bunch of script kiddies or criminals. If the US Gov is really serious about reducing the attacks they should just go follow the money/control channels, and jail the people responsible if they're in the USA (won't surprise me if many are actually from the USA- after all Sanford Wallace is in the USA, and the BlueHippo thing was in the USA ).
Reply to This
Parent
Re: (Score:3, Insightful)
The fact is, if the Chinese Gov was really involved, the US Gov will just call the Chinese ambassador in, and say: "Hey stop that now".
And then he could reply: "no, and stop bothering us or we'll just start devaluating your currency so much, you're gonna be ruined".
You were speaking about the huge size of the US defence budget, yet it won't help much if most of your equivalently huge debt is owned by a foreign country.
Re: (Score:3, Insightful)
No country would start a war with the USA. Not now or in twenty years. Just look at the USA's "defense" budget compared to the rest of the world _total_..
Um, wake up we are at war on several fronts.
We have organized entities trying to kill us. ( perhaps not overly effective to date, but that isnt the point )
We have organized countries trying to crush our economy.
How do YOU define war?
Re: (Score:2)
At some point though we're probably just going to have to start issuing licenses since people seem to be determined to not act responsibly online. Accessing porn and adult materials is fine, but people need to realize that it's their own damned fault if they get a virus. And it's completely inexcusable that people run machines that have viruses on them for prolonged periods of time.
Ironically, by chance, above: "Perfectly Logical" (Score:2)
Another ironic example is the post by chance directly before this one, entitled: "Perfectly Logical"
http://tech.slashdot.org/comments.pl?sid=1443966&cid=30098058 [slashdot.org]
Re: (Score:2)
You're insane - Colossus is listening.