USAF Considers Creation of Military Botnet

sowjetarschbajazzo writes "Air Force Col. Charles W. Williamson III believes that the United States military should maintain its own botnet, both as a deterrent towards those who would attempt to DDoS government networks, and an offensive weapon to be used against the networks of unfriendly nations, criminal groups, or terrorist organizations. "Some people would fear the possibility of botnet attacks on innocent parties. If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us. The U.S. will perform the same target preparation as for traditional targets and respect the law of armed conflict as Defense Department policy requires by analyzing necessity, proportionality and distinction among military, dual-use or civilian targets. But neither the law of armed conflict nor common sense would allow belligerents to hide behind the skirts of its civilians. If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them." What does Slashdot think of this proposal?"

I'm Suprised

I'm Surprised that they are not doing this already. That begs the question, who's computers would host the bots? Patriotic Americans who allow the govt to install software on their machine to attack the enemy is all well and good but what happens when the alphabet soup figures out that the govt has software on most of America's PC's?

Re:I'm Suprised

You hit the nail on the head!

A botnet's great strength is that it is dispersed. House it only on military computers and you cripple it. Put it "out there" in some form, though, and you risk having the CNC reverse engineered and the botnet might suddenly "belong" to someone else.

Bad idea.

Re:I'm Suprised

you risk having the CNC reverse engineered and the botnet might suddenly "belong" to someone else.

Only if you're stupid and use symmetric encryption. Such a problem would most certainly not manifest with a distributed public-key encrypted network. Obviously this is an area where even good organizations and intellient people have been known to have made utterly stupid mistakes.

But it is certainly possible to create an uncompromiseable botnet.

Actually, to be honest, I'm really surprised such a botnet doesn't exist already. Oh well, perhaps it's just one of the better hidden ones.

One thing bothers me about botnets though : they all seem to originate either in Russia or deep into China. Especially in China I find it very surprising that ip's closer to the command center of those botnets tend to trace deep inside China, and not to the coastal cities, where you'd expect the Chinese script kiddies to be.

So aren't we just kidding ourselves that other nations don't already have these ? Storm might very well be Putin's botnet.

Re:I'm Suprised

The US military has bases all over the country, and even all over the world. Put 10-100 computers in at each military base to participate in the botnet, and you could probably have a pretty strong botnet.

Re:I'm Suprised

Why would they need to install them on civilian PC's? The US Gov't, unlike a lot of botnet creators, has a hell of a lot of funding. They could just buy a bunch of computers specifically for the task.

Or, they could just take every computer that is upgraded/rotated out of a federal government facility and set it aside for this job.

Or the US Gov't could just add a program to all of their active computers that relinquishes their idle time to the botnet. Sort of a militant version of Folding@home. (Civilians could even opt into this one.)

Or they could do all of the above. They wouldn't need to touch a civilian PC to get a formidable botnet.

Re:I'm Suprised

Isn't the strength of a botnet that it controls systems behind millions of different broadband connections? It's not the number of PC's that matter but being able to use the sum of all bandwidth available behind a gazillion connections. If the military spreads their botnet on 100,000 systems behind 1000 networks then that wouldn't be very effective.

Re:I'm Suprised

Maybe they could outsource it?

Re:I'm Suprised

Patriotic Americans who allow the govt to install software on their machine to attack the enemy is all well and good...

And it makes the civilian population a legitimate military target. A little like hiding the missiles in the churches.

Re:I'm Suprised

Wouldn't it just be easier to "accidentally" anchor some navy ships in the wrong spot, and sever many of the connections to the area. We learned this last winter that you don't need to cut off areas, just make their working links so oversaturated that they are essentially worthless.

Re:Using bots in S.American countries

This has got to be against Geneva Conventions.

There is nothing in the Geneva conventions about computers. In fact except for the treatment of prisoners and civilians (and casualties) in war, there isn't anything in any of the conventions.

Did you know that they really don't protect civilians under "contemporary" conditions ? It specifically states that if "the enemy" (anyone whom you're at war with) does not clearly identify itself (which is defined to mean military bases OUTSIDE of population centers and CLEARLY uniformed troops) that civilians, enemy troops AND casualties are fair game ?

As in, if there is a faction using people as human shields, any army fighting them is completely within their rights to shoot all the human shields first. (think about what rights this theoretically gives Israel in fighting Gaza, they go above and beyond what Geneva requires of them, since a genocide in Gaza would be clearly within Israel's rights under the Geneva conventions)

Even in an open war a military is completely within their rights to let a civilian population starve. Everything except direct, unprovoked attacks is not the subject of the Geneva conventions.

The convention also CLEARLY states who gets to judge (obviously without possibility of appeal) whether the provisions of the Geneva conventions allow you to shoot a certain person : the field commander. His decision is final, and he gets to be judge, jury and executioner.

Besides, there isn't a single warring faction in the world today, except the United States (and Israel, Turkey and "maybe" China (insofar you call Tibet a war, besides I doubt you will find China respecting Geneva in Africa)), that even pretend to respect the Geneva conventions. E.g. hezbollah has declared upon multiple occasions that it doesn't, nor does it ever intend to (and then they say something about some prophet not respecting them as justification).

Lots of other warring parties don't respect Geneva : the islamist government of Sudan, Egypt (in it's south), Iran, Pakistan, ...

Never mind civilian computers being fair game. These conventions date from immediately after WWII (not that anyone really thinks Hitler would have respected them if they existed, in fact he would probably have used them to his advantage, but hey, one can hope, right ?)

Also let's not forget, article 29(3) of the Human Rights :

"(3) These rights and freedoms may in no case be exercised contrary to the purposes and principles of the United Nations."

In other words, anyone attempting to abolish the human rights treaty (one obvious party would be islamists) does not have any human rights.

In practice you will find provisions like that in just about any constitution, in constitutions as varied as both the US constitution and the Iranian one (you know the one that requires the state to execute gays).

Hmm?

No good can come of this.

A botnet is like a disease. Not a bomb. Deliberately infecting your own computers is a horrible idea.

And this is why the military never works with...

...disease pathogens. Oh wait...

reminds me of the NSA backdoor..

You have 4 windows updates to install:

Security hotfix for XML services KB0453456
Security hotfix for Windows
Microsoft Silverlight
US DoD anti-terrorist cyberwarfare battle attack bot v3.1

Do you think they really wouldn't do it?

lol

We must not allow a botnet gap!!

Which country would that be again?

"If the enemy is using civilian computers in his country so as to cause us harm, then we may attack them"

It might be found that the enemy botnet just doesn't respect political borders and will be using machines within ones own country. What happens then?

Re:Which country would that be again?

If the U.S. government starts targeting botnet clients within U.S. borders, I say it's a good use of my tax dollars.
Even better if they can provide educational public service announcements about computer security.

Remember: Only you can prevent firewire.
This is your computer. This is your computer in a botnet.
Got v146rA? ....Please, buy your pharmaceuticals from a pharmacy, not junk email.

where can i get some

if China or Iran or some other enemy country wants to attack the USA and the US government wants to start a botnet let me know i have 2 PCs on 24/7/365 on cable broadband, i will volunteer my PCs to work for the US Government as part of a botnet, Bush may not be my favorite president but i am still an American and know what side my bread is buttered on (just make a Linux version too)...

Re:where can i get some

You think Comcast had a cow about downloading movies, just wait until they see the traffic our government botnet generates.

Inaccurate Title

"USAF Considers Creation of Military Botnet"?

The views expressed here are the authorâ(TM)s own and do not necessarily reflect those of the Air Force or Defense Department.

Me: I like vanilla ice cream
Slashdot: Internet Ranks Vanilla as the Best Ice Cream Flavour Ever

He is NOT proposing the use of malware

The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources.

Rob Kaufman, of the Air Force Information Operations Center, suggests mounting botnet code on the Air Force's high-speed intrusion-detection systems. Defensively, that allows a quick response by directly linking our counterattack to the system that detects an incoming attack. The systems also have enough processing speed and communication capacity to handle large amounts of traffic.

Next, in what is truly the most inventive part of this concept, Lt. Chris Tollinger of the Air Force Intelligence, Surveillance and Reconnaissance Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find. Even though those computers may no longer be sufficiently powerful to work for our people, individual machines need not be cutting-edge because the network as a whole can create massive power.

Historical Perspective

"But neither the law of armed conflict nor common sense would allow belligerents to hide behind the skirts of its civilians."

Remember that much celebrated tea party in, where was it, Boston? The one where none of the protagonists war uniforms or abided by the laws of armed conflict and then slipped back in to the public masses? The one where, today, the U.S. would classify them as illegal combatants and deny them access to any legal protection?

The one where the superior military, that could crush its opposition anywhere they stood and fought, couldn't defeat an army that kept slipping in to the countryside?

The one where the "evil" greater power could be demonised every time they caused collateral damage or took reprisals on the people the weaker force hid behind?

The one where the great general George Washington brilliantly used geurilla tactics to make up for never having more than 17,000 men in the field at any one time?

The one where, soon after winning its largely guerilla war, they wrote the second ammendment to their constitution to enshrine the right to that kind of combat?

The one where the larger but distant power regarded the attacks on its own holdings as terrorism - the term just wasn't widely used yet?

It's ironic that a nation formed on, and celebrating in its constitution, the principles of armed insurrection, guerilla warfare and terrorism when it was the weaker power gets its panties in such a collective bunch when people do exactly the same thing that worked so well for it back again.

Remember: If you win and you're powerful enough to write the history, it's noble. If you lose, it's evil terrorism. Until it's decided, which one it's viewed as simply depends on which side you're on.

But can the US win?

In a traditional war, the idea is that the US could win by having a larger, better equipped and high tech army. Of course, it doesn't always work in places like Iraq or Afghanistan, but that's the theory.

On the internet, small groups of individuals can wield as much power as the US armed forces could hope to. Massive botnets are hardly new.

Also, how exactly would targeting infected civilian PCs help? The first 'D' in DDOS stands for "distributed", i.e. blasting PCs off the internet one at a time isn't going to help much.

Don't be silly...

A botnet succeeds in DDOS because it's able to leverage the bandwidth of 10's or 100's of ISPs to overwhelm the resources of the 1 ISP or server that a site is hosted on.

For a US Military operation, you wouldn't bring the headache of maintaining 1,000,000 crappy old PCs stuffed in unused closets to bear on the problem. You'd build big machines, and you'd locate them on major backbone networks. When it came time to bring a little DDOS to bear on the enemy, you would have your big machine fire packets. It could spoof IP addresses as it wished; it could use yours, and you wouldn't even know it!

No one other than the technicians on the backbone could tell the difference between this and a hacker's botnet. But it would at the same time be much larger scale, cost more, and be theoretically more efficient - all positives in the military contracting arena.

Re:The path...

Read the article. And don't mod people insightful before reading the article yourselves!

It specifically states, in no uncertain terms that they will only use USAF computers for this. And that it will be a way to use retired computers from other sections of the government that would normally be slated for destruction.

Re:We must defend ourselves

Do you even know what a Botnet is?

I can just hear the Pentagon tech-office now.

TECH GUY 1: "Hey, we go this guy here who WANTS us to infect his PC with that Botnet thingy"
TECH GUY 2: "Lemme check. [CLICKITY-CLICK] Nope, already got 'im"