
US Planning Response To a Cyber Attack

Posted by kdawson
from the one-less-cyber-cafe-in-Karachi dept.
We've all heard of Google bombing; the US Government may be taking the expression rather literally. Planning is now underway across the government for the proper way to respond to a cyber attack, and options on the table include launching a cyber counterattack or even bombing the attack's source. The article makes clear that no settled plan is in place, and quotes one spokesman as saying "the preferred route would be warning the source to shut down the attack before a military response." That's assuming the source could be found. From the article: "If the United States found itself under a major cyberattack aimed at undermining the nation's critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source."

  • spoof (Score:5, Interesting)

    by brenddie (897982) on Sunday February 11, 2007 @04:14PM (#17974988)
    So if we can spoof enough IPs we can get the USA to bomb any country of our choosing.... interesting.
  • denial of service (Score:4, Interesting)

    by oohshiny (998054) on Sunday February 11, 2007 @04:16PM (#17975000)
    Well, this has some great potential for denial of service attacks by forging the source of a cyber attack.
  • by Anonymous Coward on Sunday February 11, 2007 @04:20PM (#17975050)
    All that matters is what their intelligence tells them. If the intelligence points to North Korea being responsible for the attack, regardless of where the actual attacking machines are, then they'll get bombed. The bombing isn't meant to stop the attack directly, but rather indirectly. If the blackhats are doing it for money, and the money source is cut off, do you really think they're going to keep at it?
  • by anagama (611277) <> on Sunday February 11, 2007 @04:22PM (#17975078) Homepage
    Finally a reason (aside from erroneous child porn prosecution) to do something about all those compromised machines. If people thought the police might bust down their door to stop their computer from doing illegal things, they might think about being more responsible. Considering the damage an unattended compromised PC can do, it really is surprising that people don't face liability. If you keep a dangerous instrumentality on your property, and it causes damage to others, you are liable for that if the harm is foreseeable. Considering how the news has been peppered with these stories about compromised PCs causing people problems(*), the harm is now foreseeable.

    (*) A total non-geek person I know brought up that AZ child porn case to me in conversation and mentioned she thinks her machine is probably compromised too.
  • I see it now (Score:4, Interesting)

    by aschoeff (864154) on Sunday February 11, 2007 @04:59PM (#17975410)
    Both the RIAA and the MPAA manage to insert sufficient language into some unrelated bill (à la what they tried with the Patriot Act) that authorizes preemptive strikes against p2p networks, saying that they could serve as massive distributed attack vectors against our nation's cyber-infrastructure.

    Flip forward a few weeks. I wake up on a typical Sunday like today and start up Azureus. Within a couple of minutes, a tomahawk cruise missile is launched from a regional military installation.

    The upside of my imminent demise is my last minutes will be spent mellowly and obliviously perusing mininova, seeing if anyone uploaded a torrent for that one episode of The Daily Show I missed last Thursday.

    If only I had stayed up past 10PM that night, I would never have brought this on myself.
  • by Anonymous Coward on Sunday February 11, 2007 @05:06PM (#17975482)
    Well some of the world thinks you're a crazed bunch of war mongers, but this story, erm, never mind...

    What do you bet we'll get stories about Cyber attacks from Iran? This sounds like a war machine trying to make another war, since the last one's not going so well.
  • Re:Hell Yeah (Score:5, Interesting)

    by Doc Ruby (173196) on Sunday February 11, 2007 @05:09PM (#17975516) Homepage Journal
    The real way to look at it is that there was a successful terrorist attack a year into Bush's responsibility. And since then, Bush has achieved so many more terrorist goals than any little terrorist could on their own that there's little need. Including killing thousands more Americans, destroying our military, bankrupting our treasury and our morals. And most especially destroying our freedoms and sense of security by sowing massive terror every time Bush shows his face in public.

    If there had been another planebomb, you'd use that to justify Bush getting even tougher. Just like you're surely cheerleading Bush's current escalation in Iraq. You zombie Republicans are so predictable.

    No one believes that gibberish about fighting them there so we don't have to fight them here. Except maybe you, Anonymous Dick Cheney Coward.
  • re: (Score:3, Interesting)

    by Kynmore (861364) on Sunday February 11, 2007 @05:15PM (#17975562)
    It sounds like something from a William Gibson novel. Only difference is our government isn't a corporation.
  • by cheros (223479) on Sunday February 11, 2007 @05:21PM (#17975598)
    I mean, not every end user chooses to be infected, and it's not like it's easy to get a machine secured whilst online before it gets infected. I'm not quite sure that a warhead on the house is the best way to deal with a part of a botnet.

    If you really want to talk about liability you'll have to start with a company that sells you a car without brakes, thus creating a huge market for brakes, and is now starting to supply the brakes themselves. Whilst still leaving them out of the original car.

    Replace car with "Windows" and brakes with "decent security" and all of a sudden they're wonderful and creating shareholder value and carry no liability for their actions whatsoever whilst charging to the hilt for the privilege. Maybe taking decent action against them may help - it's going to be cheaper than bombs unless some White House friends are in need of tax funds again and need some rebuilding projects to camouflage the handouts.

    Yes, I'm a cynic. Live with it.
  • by doormat (63648) on Sunday February 11, 2007 @05:51PM (#17975784) Homepage Journal
    Work with ISPs in the US, Canada and Europe to take zombied computers offline. They'll get a letter or phone call telling them that their computer was part of a zombie network that was attacking DHS or whoever, and that they won't be allowed back online until their computer is cleaned. Most people only have one choice for broadband (DSL or Cable), and they'll have to go back to dialup (where they won't be much of a threat in terms of DDoS) if they don't get their act together.

    It's like when a cop pulls you over for having an unsafe vehicle; it's about time that ISPs start patrolling their userbase and send letters/call their users to notify them of their infection.
  • by Kalriath (849904) on Sunday February 11, 2007 @05:53PM (#17975800)

    Uhh... wouldn't just be easier to bomb the source. It's not like we don't know where Micro$ofts headquarters are.
    I am so sick of hearing this type of crap that Microsoft (what, you can't spell "s"?) is responsible for every single piece of botnet or exploit on the internet. You know, Linux/Unix machines can be "rooted" as well - to the same or more devastating effect...

    However, like with /([A-Za-z]?)nix/, Windows can be quite secure in the hands of one who knows what they're doing. In my 10 years of using Windows, I've never had a virus or trojan infect a machine under my direct control. Any virus would fail to pass the ISA Firewall (yes, that's MICROSOFT's Firewall software) as the antivirus (granted, third party) would block it from being retransmitted to the requesting machine. Client machines are on a completely separate subnet behind a Sonicwall firewall (though even a cheapo device can achieve this same result), and outbound SMTP is allowed ONLY to the Mail Exchanger on the other side of the firewall. This setup is not really all THAT hard to do... if you wanted to save money you'd swap the ISA for a Fedora/Debian/Ubuntu/Insert Distribution Here (Solaris?) machine with maybe Squid or something, but the net effect is the same - the client machines are SAFE.
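
The egress rule described in the comment above (client machines may send SMTP only to the mail exchanger), as an added example that is not part of the original thread: a Python check over constructed firewall log lines that reports client machines attempting direct outbound SMTP, which that rule would block and which is a common sign of a spam bot. The client subnet, mail exchanger address and log format are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Assumptions (not from the thread): client subnet, mail exchanger address,
# and a simple "SRC=... DST=... PROTO=... DPT=..." firewall log format.
CLIENT_NET = ipaddress.ip_network("10.20.0.0/24")
MAIL_EXCHANGER = ipaddress.ip_address("192.0.2.25")
SMTP_PORTS = {25, 465, 587}

LINE_RE = re.compile(
    r"SRC=(?P<src>\S+)\s+DST=(?P<dst>\S+)\s+PROTO=(?P<proto>\S+)\s+DPT=(?P<dpt>\d+)"
)

# Constructed sample log lines (documentation address ranges).
SAMPLE_LOG = """\
Feb 11 16:14:01 fw kernel: OUT SRC=10.20.0.15 DST=192.0.2.25 PROTO=TCP DPT=25
Feb 11 16:14:03 fw kernel: OUT SRC=10.20.0.31 DST=198.51.100.7 PROTO=TCP DPT=25
Feb 11 16:14:04 fw kernel: OUT SRC=10.20.0.31 DST=203.0.113.9 PROTO=TCP DPT=25
Feb 11 16:14:05 fw kernel: OUT SRC=10.20.0.15 DST=198.51.100.80 PROTO=TCP DPT=443
Feb 11 16:14:06 fw kernel: OUT SRC=10.30.0.2 DST=198.51.100.7 PROTO=TCP DPT=25
Feb 11 16:14:07 fw kernel: garbled line without fields
"""

def direct_smtp_violations(log_text):
    """Map each client IP to the set of non-relay hosts it tried to reach over SMTP."""
    violations = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["proto"].upper() != "TCP":
            continue  # unparseable line or not TCP
        try:
            src = ipaddress.ip_address(m["src"])
            dst = ipaddress.ip_address(m["dst"])
        except ValueError:
            continue  # skip lines with malformed addresses
        if src not in CLIENT_NET or int(m["dpt"]) not in SMTP_PORTS:
            continue  # only client-subnet SMTP traffic is of interest
        if dst != MAIL_EXCHANGER:
            violations[str(src)].add(str(dst))
    return dict(violations)

if __name__ == "__main__":
    for host, targets in direct_smtp_violations(SAMPLE_LOG).items():
        print(f"{host}: direct SMTP to {sorted(targets)}")
```
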
  • Not really... (Score:2, Interesting)

    by nowhere.elysium (924845) on Sunday February 11, 2007 @07:14PM (#17976402)
    Well yes, it sounds like a Gibson novel, but the *pertinent* difference is that if your government were a corporation, they'd be a damn sight more accurate at pinpointing and destroying any relevant threats, and they definitely wouldn't be in anywhere near as much debt as they currently are. Plus, they'd use railguns, instead of nukes.
  • Re:botnet (Score:3, Interesting)

    by Shihar (153932) on Sunday February 11, 2007 @07:18PM (#17976436)
    You joke, but I think people are missing the fact that bombs can stop many attacks. If for instance a nation was able to launch some massive attack that was crippling the Internet, in this world of zombied computers you can't simply block everything. A true Internet crashing attack would take hundreds (thousands?) of people to pull off and you likely might be able to at least localize them to a single nation. If you felt that that nation state was directly responsible, you might very well decide to bomb an entire nation's infrastructure to the point where no one has Internet access.

    The level of destruction on a nation's infrastructure you would have to inflict would be horrific, but it might very well be justified. Taking out the Internet for the US, Europe, and some of Asia is just as bad as physically blowing up their power plants and cutting power. Such nations would be entirely justified to respond as if a foreign air force was bombing their infrastructure and respond in kind.

    All of that said, I am a skeptic that anyone could do more than make the Internet hiccup for a few minutes before proper defenses got things running relatively smoothly again. The Internet is a pretty robust system. It will take more than a Windows Vista upgrade to make the Internet unsecured enough to be taken down.
  • by maxwell demon (590494) on Sunday February 11, 2007 @08:29PM (#17976910) Journal
    Destroying a country will get quite easy. All you have to do is to route a massive attack on US infrastructure through Tor exit nodes in that country. The US military will then finish the job for you.
