NSA Director Argues For "Red Button" Autonomy Against Unattributed Cyber-Attacks

An anonymous reader writes U.S. Navy Adm. Michael S. Rogers — director of the National Security Agency and Commander of United States Cyber Command (USCYBERCOM) — has suggested that cyber-attacks can begin and escalate so quickly that USCYBERCOM would need powers to retaliate immediately, without (as it is currently obliged) referring the matter to the United States Strategic Command. In testimony to the "House Armed Services Committee on cyber operations and improving the military's cybersecurity posture" on March 4th, Adm. Rogers argues for "development of defensive options which do not require full attribution to meet the requirements of law and international agreement."

A Fantastic target for state-sponsored hackers!

[disposable60]

The level of automation required to make that National Security Statist's wet-dream a reality will offer multiple high-value targets to nefarious persons of criminal and warlike intent.

I guess as lo

Re:

[ColdWetDog]

I thought they already had this sort of capability [washingtonpost.com].

You're telling me that there is no red button on the Enterprise bridge? I don't believe it for a second.

Fire Photon torpedoes!

Re:A Fantastic target for state-sponsored hackers!

[Jeremiah Cornelius]

General Jack D. Ripper :
Mandrake, do you recall what Clemenceau once said about war?

Group Capt. Lionel Mandrake :
No, I don't think I do, sir, no.

General Jack D. Ripper :
He said war was too important to be left to the generals. When he said that, 50 years ago, he might have been right. But today, war is too important to be left to politicians. They have neither the time, the training, nor the inclination for strategic thought. I can no longer sit back and allow Communist infiltration, Communist indoctrination, Communist subversion and the international Communist conspiracy to sap and impurify all of our precious bodily fluids.

Re:

[fustakrakich]

Yeah, but c'mon... "Red Button" Autonomy

That's just too cool. Everybody should have one of those.

Re:

[nitehawk214]

Hell, even if the thing works correctly and is secure; there is absolutely no potential for abuse by the government, is there? NSA loves having no-oversight no-liability powers they can exercise at will.

they need Anonymous for that kind of response

[swschrad]

so they need to play nice;

You idiot

[AmiMoJo]

Within 53ms of getting international agreement all your enemies will have set up proxies inside the US, attacked themselves and launched a retaliatory cyber nuclear strike on northern America. Facebook will be down for weeks.

Re:You idiot

[Greyfox]

They already do. Any attack is going to come in via a botnet composed of compromised systems within your own border. You could make those systems more secure, but not without sacrificing the ability to spy on them whenever you want to.

Re:You idiot

[vux984]

Facebook will be down for weeks.

Fingers crossed. Is there anything I can do to help make it happen?

Re:

[AmiMoJo]

It sounds good now but wait until the government falls and the country descends into chaos when all the people who waste their lives on Facebook suddenly have nothing better to do.

Analogy

[Jamu]

If someone shoots at you, don't bother finding out who it was, just start shooting random people.

Re:

[bulled]

Do not burden us with your paltery facts or logic, we want the unrestrained ability to make war on whom ever we choose without the need to justify anything to the plebs.

Re:

[schlachter]

I think it's more akin to, if someone shoots at you, don't take cover or return fire until you radio up the chain of command, describe the situation, obtain observations, and get approval to respond. Meanwhile, bullets have been fired, and you're dead or the assailants have moved on.

Re:

[Nyder]

I think it's more akin to, if someone shoots at you, don't take cover or return fire until you radio up the chain of command, describe the situation, obtain observations, and get approval to respond. Meanwhile, bullets have been fired, and you're dead or the assailants have moved on.

Since when has the NSA given a fuck about the chain of command or even the constitution?

Re:

[AmiMoJo]

You took the analogy to a ridiculous extreme. It breaks down because with cyber attacks it's standard operating procedure to use other people's resources. Botnets, 0wned servers, even hacked wifi. If this goes ahead Starbucks could become the site where WW3 starts.

Re:

[rtb61]

What a load of PR crap. It is more akin to, I think I heard a gunshot, time to drop a nuke from orbit it's the only way to be certain.

This incessant US bullshit that all forms of policing should be allowed to act as law en-FORCE-ment outside the purview of the courts is crazy and the direct reason so many of you are being killed by steroid rage junkies.

There is only one answer to idiotic requests like this, NO, sorry, fuck off, go through the courts, we don't trust you, which is, DUH, why fucking court

Re:

[PPH]

Meanwhile, bullets have been fired, and you're dead

Dead? Come on folks. Its a bunch of ones and zeros.

You can close up the firewall, pull your plug out of the Internet and recover from backup. But nobody actually dies.

Re:

[Euler]

Exactly. I just don't get it, why does the media and actual government agencies equate 'cyber warfare' to actual weapons? It isn't remotely the same thing. Even the most organized state-sponsored cyber attack is basically just targeting design flaws in information systems. Real weapons target people and property that are actually difficult to protect from physical damage. It costs hundreds of billions of dollars per year to design, build, and staff military equipment. Actual warfare is absolute appall

Re:

[Euler]

Too much imagination with no real think-through:

*Setting ALL traffic lights EVERYWHERE continuously to GREEN - Is this fear mongering? EVERYWHERE? really? 99% of traffic lights are not connected to any grid. Maybe they have local transponders that Ambulances can request green, but it would be negligent to allow a situation that could bypass the interlocks that prevent all-ways green. There is only so much that software hacking can defeat. The professional engineer that would ever allow that situation wo

Re:

[dave420]

No, it's more like someone constantly ringing your doorbell when you're trying to watch TV. You are suggesting that they just be able to blast through the front door with a shotgun in order to end the noise, instead of simply temporarily unplugging the doorbell. Lashing out is one of the reasons the US's foreign policy is not respected as much as it once was - it might send good messages to the folks back home, but it enrages the common decency of billions of other people who won't forget quite as easily,

Re:

[funwithBSD]

I sense a Dr. Strangelove reboot in the making...

Re:

[Bob the Super Hamste]

Well it isn't like NSA Director Mike Rogers [guim.co.uk] isn't a caricature of General Buck Turgidson [globalspec.com]....

Well shit we're fucked.

Re:

[Phreakiture]

It fits the typical US strategy . . . it was, after all, how our government responded to 9/11.

Re:

[cwsumner]

If someone shoots at you, don't bother finding out who it was, just start shooting random people.

You have a good point, it all depends on how accurate your targeting is. If you can hit the assailant and not hit bystanders, then it is good. If you are not so sure, then best to hold your fire until you can manuver to get a better sight picture.

No one has mentioned how good the targeting for the Cyber team is, but it is probably secret.

Good luck with that...

[bhlowe]

I think that would be difficult.. they'd have to get approval from the FCC who now regulate the internet.

NSA Power Play

[Jason Levine]

The NSA has been listening in on the data of everyone it can, and wants the ability to do so without any oversight. Now, it wants to ability to retaliate without oversight? The NSA is one "colorful" leader away from making the transition from power hungry government agency to supervillian organization.

Re:

[maliqua]

The transition has long since been made

More like General Buck Turgidson

[Bob the Super Hamste]

It seems he [guim.co.uk] is getting to be more like General Buck Turgidson [globalspec.com] or Brigadier General Jack D. Ripper every day [theguardian.com]. I'm now just waiting for him to start spouting off about a mine shaft gap.

Re:

[VAXcat]

I'm not saying we won't get our hair mussed...

Re:

[Bob the Super Hamste]

If...we were to immediately launch an all-out and coordinated attack on all their airfields and missile bases we'd stand a damn good chance of catchin 'em with their pants down. Hell, we got five to one missile superiority as it is. We could easily assign three missiles to every target and still have a very effective reserve force for any other contingency...An unofficial study, which we undertook of this eventuality, indicate that we would destroy ninety percent of their nuclear capabilities. We would ther

Somebody, perhaps, but not the NSA.

[duck_rifted]

Bad deal. I'd rather the reaction pipeline have two tiers and go like this:

Tier One: Non-Vital Systems Targeted

1. NSA notices megahertz getting stoled

2. NSA informs at least two competing consumer security companies.

3. The two companies send their assessment to a judge.

4. The judge orders ISPs to shut down the attack.

5. The holder of the affected account gets 30 days to respond in their defense.

6. The case is reviewed again by a judge, who forwards it to a prosecutor if necessary.

7. The NSA never knows jack nor shit about anything after their part (step 1).



Tier Two: Vital Systems Targeted (infrastructure, utilities, government, or financial institutions)

1. NSA notices megahertz getting stoled.

2. NSA notifies an electronic security unit in each branch of the armed forces.

3. The security units rapidly evaluate the threat, and if any one concurs...

4. A service denial request targeting the source is dispatched to an ISP and a judge.

5. The ISP immediately suspends the target service. The judge can restore service.

6. Steps 5, 6, and 7 from Tier One.

7. Because it bears emphasis, the NSA doesn't know shit about the outcome ever, at all, period, otherwise this can be abused.

Oh, and since nobody has said it

[duck_rifted]

An electronic border guard would necessarily be a NEW AGENCY. Letting ANY existing agency mix their mission with that WILL lead to problems. We've already seen the first signs of that. This calls for specialization, not some hamfisted bushism.

Re: Oh, and since nobody has said it

[Lije Baley]

Dept. Of 127.0.0.1land Security

Re:

[currently_awake]

On paper the NSA is supposed to be defending America's electronic borders, but they appear to have deserted their post to go rampaging through the intertubes looking for targets of opportunity.

Re:

[tnk1]

Although I am skeptical about the NSA retaliating without oversight, sending proof to a judge and through bureaucratic channels as you suggest would take hours. Possibly days.

A well planned attack could be over and done within an hour, if they know what to attack. In the worst case, serious damage could be almost immediate if they know exactly what they are attacking and can issue a direct command.

Will anyone will be fast enough to lean on the "fire photon torpedoes" button, even without having to communi

Re:

[king neckbeard]

I would suspect that in practice, the gap between the attack and when it was known would be orders of magnitude greater than the time between the attack being known and getting a warrant. Nevermind that the highest priority would generally not be to counterattack, but to protect the target, which probably wouldn't require a warrant.

Re:

[duck_rifted]

I don't buy that bureaucratic processes have to gum up the works. That perspective is obsolete. If major international corporations can coordinate decisions and systems using modern technology, so can our government. If a bunch of kids or laypersons can coordinate quickly and efficiently to do something as complicated as build video games then people competent enough to hold the fate of innocents in their hands should be able to work out a way to work without archaic limitations.

A modern threat will r

Re:

[rahvin112]

The US government has already declared that they view a cyber attack as an act of war. You need to understand the ramifications of that declaration that is more than 5 years old at this point. What that means is the US reserves the right to respond to a cyber attack with bombs and guns, not the cyber kind.

Even if it wasn't classed as an act of war this would be international aggression and the power to respond to that is vested in the office of the president as commander in chief, NOT the courts. I don't wa

Re:

[duck_rifted]

You're right on point with this. I agree totally. That is one of the reasons why for the second tier, I recommend that a security office from each branch is notified. That increases the number of analytic eyes on the event, and injects potentially vital defense information into the military sphere. It may well be necessary to respond to that level of threat with guns and bombs, so getting news of the attack to the right hands first primes the engine.

This also pits the branches of the armed forces in

Re:

[JohnFen]

Vital systems should never, ever be connected to the internet in the first place. If the people running such systems would stop being complete idiots and disconnect from the internet, there would be no need for anything like a military-style response to "cyber" attacks.

Re:

[Euler]

True. Systems that actually matter use leased-lines (or the digital equivalent.) Anything is possible, but the hackability is way less likely compared to the internet.

But there is the PHB factor trying to avoid that cost, or just wants to be able to log-in from home.

Security contractors are after cash, not security

[Anonymous Coward]

I think the approach is all wrong. It's total folly to count on "secured" Windows systems, VPNs, pretty much anything really. The extremely critical stuff simply shouldn't be connected at all. And of what's more mainstream, we'd all be a lot more secure if the powers that be spent more time immediately fixing everything instead of collecting and creating ways to compromise.

DIDN'T YOU LEARN ANYTHING FROM SAN BRUNO???

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[Doug Otto]

Nowhere does tfa or the document mention anything about whatever the fuck "red button" autonomy is...

It looks like the big read Staples button only instead of "Easy" it says "Hack Back."

Re:

[Jason Levine]

Nowhere does tfa or the document mention anything about whatever the fuck "red button" autonomy is...

It looks like the big read Staples button only instead of "Easy" it says "Hack Back."

And now I want one of those buttons. (I promise not to abuse it... too much.)

Re:

[Quasimodem]

I am not impressed. If these guys were serious about defending the nation against terrorist binary, wouldn't they be asking for a by-God John Wayne button, instead of some cute-but-funny, fucking Red Buttons.

Re:

[TheCarp]

Seems pretty clear to me that this is not only correct but, he hates us for our freedoms.

Red Button

[Luthair]

Its called unplugging the target from the internet. Problem solved.

In all seriousness, they don't need a hair trigger response because its going to take them a while to figure out where the attackers actually are.

Re:

[Kasar]

Anything that is accessible over the internet is a potential target for hackers. Does this guy really want an easy kill-switch sitting there?
Perhaps he believes US government networks unbreakable, in which case he is entirely unqualified for his position.

Re:

[Jason Levine]

They already want (and have put some) backdoors in all encryption schemes so they can easily use them to listen in on encrypted data transmissions. They either haven't considered or don't care that said backdoors could be used by hackers as well as by government officials. (This is even assuming that said government official has a legitimate reason for listening in... the "listening in just because encrypted must mean illegal" is a whole other discussion.)

Re:

[cardpuncher]

And more than that, it isn't at all obvious that retaliation will solve the problem you're experiencing. Indeed, the resources devoted to it will diminish the resources available for solving the domestic problem.

More seriously, critical infrastructure needs to have a safe manual mode of operation (even if you have to deploy personnel that normally wouldn't be present). If it doesn't your defence has already failed.

Re:

[Jason Levine]

I read your comment quickly and thought you said "It's called unplugging the Internet." Was going to reply back that they've floated that proposal in the past too.

Re:

[fustakrakich]

...figure out where the attackers actually are.

It's coming from M's office.

Not just no

[Rinikusu]

but FUCK no.

You mean

[MitchDev]

sort of like how they want to do with warrants and spying?

Imagine how quick we could start and end wars if we could launch nukes that quick...

Thanks Admiral Poindexter!

[chasm22]

Sorry I seem to confuse Rodgers and Poindexter.

A better red button for national security.

[king neckbeard]

How about a red button that will result in a spring loaded boxing glove that punches the NSA director in the face when he says something stupid. I think that is a far more pressing and vital need.

I want a unicorn too

[WillAffleckUW]

Grow up and stop trying to turn the US into Nazi Germany, NSA.

Re:

[fustakrakich]

The government does not turn a country towards Nazism. The people do, with their votes. That's how it worked back then too.

Re:

[WillAffleckUW]

tell that to the Nazi-created Daylight Savings Time.

Oh, and the unicorn needs to be pink with rainbow hooves, in case you were wondering.

Re:

[fustakrakich]

Damn thing better shit gold bricks or it'll end up in the glue factory...

So, round and around and around we go.
Where the world's headed, nobody knows.

Re:

[fustakrakich]

Not true. The voters select the candidates. If they only take what is spoon fed, it is their own fault.

One, And Only One, Red Button

[QuietLagoon]

The should be One, And Only One, Red Button.

.
If the Director of the National Security Agency and Commander of United States Cyber Command feels that he needs to have a Red Button too, then perhaps the goals of his command are morphing into the goals of the United States Strategic Command.

If that truly is the case, then there should be a single organization that has the single Red Button for the United States.

Maybe it is time for the United States Cyber Command and the United States Strategic Command to merge into a single entity with One Red Button.

Pretending time and space matters in cyberspace

[WaffleMonster]

NSA won't be happy until they launch their own fully operational low orbit ion cannon.

This is insane.

[Anonymous Coward]

How long do you think it would take for some bot-net master to figure out how to trigger this and cause the mother of all DDoS's?

I've seen this movie

[Anonymous Coward]

Human decisions are removed from strategic defense. USCYBERCOM computers begin to learn at a geometric rate. They become self-aware at 2:14 AM Eastern time, August 29th.

Considering who is requesting it

[nehumanuscrede]

I'm pretty sure the NSA will get what they want.

They just won't tell anyone else about it and the only way we'll ever learn of its existence is via another TS slideshow years from now when another Snowden makes said information public.

I am curious what they plan on doing for damage control when they end up targeting the wrong networks for retaliation. Think of the fun you can have with that. It's like Swatting, just on a different level completely. Take over systems in a corporation you loathe, use them to attack the NSA, their retaliation strike takes down the corporation for you. Win - Win.

I say...

[stackOVFL]

Let's take off and nuke the site from orbit. It's the only way to be sure.

SAC

[Lawrence_Bird]

hey lets just set those PALS to 00000000

listen up people if you aren't already in the security industry, hurry up because this is the gravy train of the next decade.

Ok, serious question time...

[skelly33]

I'm pretty sure the only military/government interest in being involved with "attack" scenarios on the Internet stems from the military/government having some critical exposure there. Why don't they, instead of making a plan for cyber warfare, make an initiative to fully separate the military/government network from the Internet and let the public Internet fry if it's going to fry. I can't think of a compelling reason for U.S. national security to have any ties to the Internet... can you? Helping out to pro

They said the same thing about nuclear weapons

[r0nc0]

When nuclear missiles and capabilities were first developed, the military and others argued that with only 15 minutes to react to a missile attack, it is not possible to locate the executive branch member still alive with the authority to give the retaliation commands. Remember, this is early 50's - no cell phones and even POTS networks weren't always reliable over great distances. They pretty much got their way; the SIOP for a nuclear strike allowed field commanders to take control if necessary and issue t