US Planning Response To a Cyber Attack
We've all heard of Google bombing; the US Government may be taking the expression rather literally. Planning is now underway across the government for the proper way to respond to a cyber attack, and options on the table include launching a cyber counterattack or even bombing the attack's source. The article makes clear that no settled plan is in place, and quotes one spokesman as saying "the preferred route would be warning the source to shut down the attack before a military response." That's assuming the source could be found. From the article: "If the United States found itself under a major cyberattack aimed at undermining the nation's critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source."
Bombs? That's ok... (Score:5, Insightful)
Re:Bombs? That's ok... (Score:5, Funny)
Re:Bombs? That's ok... (Score:5, Interesting)
(*) A total non-geek person I know brought up that AZ child porn case to me in conversation and mentioned she thinks her machine is probably compromised too.
Re:Bombs? That's ok... (Score:5, Insightful)
That is only true if all responsible parties are held to a reasonable level of accountability.
If you found out that your oven was, without your knowledge, part of a local arson ring, you'd be pretty upset at being held accountable for the neighborhood damages. You'd probably blame Kenmore for making such a thing remotely possible in the first place, since it has no connection with how or why you bought the oven in the first place.
Until the hardware mfgrs, OS mfgrs, software mfgrs, and users are all held to roughly similar standards, you can't place all blame on the user.
To put things a different way:
-If 1% of your products cause widespread damage, then 1% of your users are idiots.
-If 5% of your products cause widespread damage, then 5% of your users need training.
-If 25% of your products cause widespread damage, then you are the idiot.
Re:Bombs? That's ok... (Score:5, Funny)
Re:Bombs? That's ok... (Score:5, Insightful)
You buy a new drive-by-wire car. Then either of the following happens: You forego the option to park your car in a readily-available garage and a terrorist quietly breaks into it, or you simply take the car to a garage that you thought was reputable because of its professional-looking store front but was in fact a terrorist-run shop. Either way, they had their way with your car, installing hidden remote controls on the drive-by-wire system. Then they install a bomb using any available space, such as the empty body panels, inside the seats, etc. They can now damage or destroy any bridge they like, but you never knew what they did to your car, so you went on with life as usual. Then they did it to other owners' cars around town that were similarly vulnerable to compromise or social engineering.
Now for the best-case-scenario version of the outcome. We'll assume that the bridge is unoccupied, so there is no human life lost when they take your car and all the other zombie cars on their final joy ride, but the bridge is damaged and has to be closed while its structural integrity is assessed. Meanwhile, traffic has to be rerouted or stopped altogether. People can't get to work. Goods can't be delivered. The general population is afraid that there will be another attack, possibly trapping them in their neighborhood.
Now imagine that the cars were your computer and all the other zombie machines out there, the home garage was a simple NAT router or decent software firewall or the repair shop was a software package that contained malware, and the bridge was any major server or router that a decent-sized portion of the internet population relies on for day-to-day electronic transactions.
Do you really think it was the car manufacturer's fault that you left the car unprotected, or worse, you handed the keys to an untrustworthy mechanic because he had a professional-looking shop? While I don't think the car's owner should be held criminally responsible, I think they unknowingly forfeited the car when they ignored their responsibility to keep it reasonably secure. Don't be surprised if the government starts fragging driverless cars once they've identified them.
Re:Bombs? That's ok... (Score:5, Funny)
You buy a new drive-by-wire car.
You can tell right there it's going to be a good analogy.
Re:Bombs? That's ok... (Score:5, Funny)
Don't you think that's overkill for MS users? (Score:3, Interesting)
If you really want to talk about liability you'll have to start with a company that sells you a car without brakes, thus creating a huge market for brakes, and is now starting to supply the brakes themselves. Whilst still leaving them out of the original car.
Replace car w
Re: (Score:3, Insightful)
Along the same lines, it has always irked me that (the government) has never considered approaching Microsoft about the severe security flaws to which its software is subject. Certainly if the most popular operating system in the world were less morbidly insecure, botnets and the like would be far fewer between. After all, these botnets aren't being built out of *NIX machines, so we're really talking about MS software.
I think a certain amount of responsibility lies on the end users' shoulders insofar as they
Re:Bombs? That's ok... (Score:4, Insightful)
Re: (Score:3, Informative)
Anyway, it'd be pointless to prosecute these people because the vast majority of compromised machines aren't even IN any western nation. Every script kiddie knows that if you really want a bot-net, you scan Asian IPs. When I was 15 I had 2,400 Korean co
Re: (Score:2)
botnet (Score:5, Funny)
Re:botnet (Score:5, Funny)
Re: (Score:2)
Re: (Score:3, Insightful)
Re: botnet (Score:5, Funny)
Good thing the story isn't on a DoD site, or Slashdot might get some retaliatory cruise missiles.
Re: (Score:2)
Hey, it's one way to get rid of spammers ...
Quick, everyone add a bunch of anyone@pentagon.mil and someone@whitehouse.gov addresses to your posts for spam address harvesters.
Re: (Score:2)
Sadly enough, they would be just that stupid. :(
Re: (Score:2, Funny)
Re: (Score:3, Funny)
Re: (Score:2)
Re: (Score:3, Interesting)
Re:botnet (Score:5, Funny)
An option... (Score:5, Funny)
What a way to dispel a myth... (Score:2, Interesting)
What do you bet we'll get stories about Cyber attacks from Iran. This sounds like a war machine trying to make another war, since the last one's not going so well.
Re: (Score:2)
True, it sounds like a part of a modern "Operation Northwoods". http://abcnews.go.com/US/story?id=92662&page=1 [go.com] This could be an even better reason to invade/bomb/disappear someone than terrorism.
Standard hacker defences won't work (Score:3, Funny)
Military action is unlikely to be a solution (Score:5, Insightful)
There's a lot wrong with this. Off the top of my head...
Any sustained attack on network infrastructure, on the scale that they're talking about, is almost certainly going to be a distributed attack. Botnets have no patriotic allegiance, their locality is a function of machine vulnerability (eg: N. Korea's dependence on Active-X), not politics.
If I'm crafting an attack, I don't have to even tell the truth about my IP address, TCP allows the sender to specify a (fake) IP address. Obviously I won't get any replies, but I don't care if I'm simply out to cause damage
Geolocation of IP addresses is pretty much a black art as well - there's far too much variability by IP address to try and localise to the precision needed for bombing the source. My hostip.info [gornall.net] website only attempted to locate to the
Not to mention that it's a pretty big precedent to set... At least they're talking about talking, before bombing; the problem is that if you make a threat to bomb someone, you have to be prepared to carry it out. Countries can't afford to be seen to be bluffing when it comes to things like this, the impact on future negotiations is too high.
Simon.
Comment removed (Score:5, Informative)
Re: (Score:2)
So you're saying they've mastered miniaturization now?
How about this? (Score:3, Funny)
Re: (Score:2)
Simon.
Re: (Score:3, Insightful)
Re: (Score:2)
Re: (Score:2, Informative)
Re: (Score:2)
Re:It doesn't matter where the attack in terms of (Score:4, Insightful)
You can be quite sure, even now before the attack has started, that the intelligence will point to Iran being responsible. In fact, it is most likely that Iran will have to be bombed before the cyber attack starts, in order to preempt it
Re: (Score:3, Insightful)
Unfortunately, that doesn't seem to be the case.
NY Times - U.S. Presents Evidence of Iranian Weapons in Iraq [nytimes.com]
The article does mention that the claims about Iran "[are] bound to generate skepticism among those suspicious that the Bush administration is trying to find a scapegoat for its problems in Iraq and, some political analysts and White House critics believe, is looking for an excuse to attack Iran." Beyond that,
Re: (Score:2)
How easy do you think it is to get hold of the 'evidence' presented? Not very difficult, no. But, the article mentions nothing about nuclear devices.
Re: (Score:2)
spoof (Score:5, Interesting)
Re:spoof (Score:5, Funny)
Re:spoof (Score:4, Funny)
Note to the clueless (Score:2)
Easy response... (Score:2)
iptables -I INPUT -s <source-ip> -j DROP
Replace with favorite firewall appropriate commands.
MUCH quicker, cheaper, and probably more effective than trying to blow up the source.
Re: (Score:3, Informative)
Now what fun is that? (Score:2)
Bombs solve all problems, and require very little forethought to use. Everyone is impressed by large explosions...virtually nobody is impressed by iptables rules.
denial of service (Score:4, Interesting)
Re:denial of service (Score:5, Funny)
OTOH, I suspect that the NSA & DoD aren't that stupid
Re: (Score:3, Funny)
title confusing, google has nothing to do with it. (Score:5, Insightful)
Instead, the US is just acknowledging that attacks on its internet infrastructure can be responded to just like physical attacks.... by military attack.
Is anyone surprised that if one place was pinpointed as the source of the attack on any country's infrastructure it might be a target? I'm not. The net is more important than some buildings at this point.
The only thing I'm surprised is to expect any attack to be from one place... I'd expect it to be distributed. But that's ok, we have bombs for that too. ouch.
Re: (Score:2)
I expect that their goal would be to take out whatever node is controlling the attack (ie the botnet owner's house).
But I don't see how useful that is, since modern botnets have a distributed command a
Re:title confusing, google has nothing to do with (Score:2)
Any single attack will be from one place/person/country. They/he may use distributed means to do it, but it will originate in one place. Spam, for instance. Yes, it comes in via multiple paths/zombies/botnets...but any 1 specific spam originates from one dude or company. The trick is finding that one dude. And that's what the DoD is trying to do.
Uhh... wouldn't just be easier... (Score:5, Funny)
Re: (Score:3, Interesting)
Uhh... wouldn't just be easier to bomb the source. It's not like we don't know where Micro$oft's headquarters are.
I am so sick of hearing this type of crap that Microsoft (what, you can't spell "s"?) is responsible for every single piece of botnet or exploit on the internet. You know, Linux/Unix machines can be "rooted" as well - to the same or more devastating effect...
However, like with /([A-Za-z]?)nix/, Windows can be quite secure in the hands of one who knows what they're doing. In my 10 years of using Windows, I've never had a virus or trojan infect a machine under my direct control. Any virus would fail to
Re: (Score:2)
Jokes aside - viruses aren't a problem anymore. The problem is spyware.
Re: (Score:2)
Re: (Score:2)
Using Linux, I am quite spoilt, being able to click on anything with wild abandon. There is no good reason why Windows cannot be made to be equally strong. IMHO it is simply a lackadaisical att
Bring 'Em On (Score:2)
Besides, with cyberattacks [google.com] on both US government and civilian targets raging for years without either the FBI or military doing anything effective to protect us, they're bound to show nothing but improvement [google.com], right?
Re: Bring 'Em On (Score:4, Informative)
Hey, current thought among the Bush administration and the neocon "thinkers" that got us in to all this, is that if you blow one war you should start another one so you can try again.
Re: (Score:2)
What's the old quote? Never attribute to malice that which can be adequately explained by stupidity...
Re: (Score:3, Insightful)
This proves it works.
Re: (Score:2)
Re:Hell Yeah (Score:5, Interesting)
If there had been another planebomb, you'd use that to justify Bush getting even tougher. Just like you're surely cheerleading Bush's current escalation in Iraq. You zombie Republicans are so predictable.
No one believes that gibberish about fighting them there so we don't have to fight them here. Except maybe you, Anonymous Dick Cheney Coward.
Instead of physical bombing (Score:4, Insightful)
Re: (Score:2)
Slashdotted:No more submissions to .gov/mil sites (Score:5, Funny)
Please cease and desist linking to site xxx.mil (redacted) or whitehouse.gov or else we will bomb you.
Signed G.W. Bush.
Re: (Score:2)
Reid
Scene from the War Room (Score:5, Funny)
Re: (Score:2)
Re: (Score:2)
I can't wait! (Score:2)
Yay! About time!
Attack the source? (Score:4, Funny)
But what if... (Score:4, Funny)
I think.... (Score:5, Insightful)
I'm not sure if I agree with everything in the article but it is the Government's job to protect this country and there are a lot of businesses and people that depend on the internet. If some outside source could mess with this it would be devastating to the economy and the country...
OMG (Score:2)
Bomb MIT (Score:2)
More targets.
Redefines... (Score:5, Funny)
I see it now (Score:4, Interesting)
Flip forward a few weeks. I wake up on a typical Sunday like today and start up Azureus. Within a couple of minutes, a tomahawk cruise missile is launched from a regional military installation.
The upside of my imminent demise is my last minutes will be spent mellowly and obliviously perusing mininova, seeing if anyone uploaded a torrent for that one episode of The Daily Show I missed last Thursday.
If only I had stayed up past 10PM that night, I would never have brought this on myself.
oh really - this is just hilarious (Score:5, Funny)
Solid evidence (Score:2)
If the US can produce gigabytes of logs "proving" that someone in another country is attacking their computers, would that give them the right to physical military actions, in the lack of other forms of evidence?
Don't fear! (Score:2)
re: (Score:3, Interesting)
Not really... (Score:2, Interesting)
These people need to remember what their jobs are. (Score:2)
You know, seeing as that's what the present danger to the nation actually is?
It's all well and good to think of ways we could possibly be attacked while our people aren't dying every day, but right now, these people should be hung as traitors for wasting time and taxpayer dollars doing anything OTHER than finding the best possible way to protect our soldiers abroad, and our people at home.
So wait... (Score:2)
Re: (Score:2)
They'd Bomb Redmond? (Score:2)
Wouldn't it be less messy to simply call out the Washington National Guard?
How about take zombies offline? (Score:4, Interesting)
It's like when a cop pulls you over for having an unsafe vehicle, it's about time that ISPs start patrolling their userbase and send letters/call their users to notify them of their infection.
Infrastructure? (Score:2)
NO!!! NOT CABLE TV!!!! *cries*
AFT China, North Korea ... CARMAD (Score:2)
Cyber Attack Response Mutually Assured (CARMA) Destruction/Terror/
than one cute acronym for US.
Oh, I strongly believe it is About Fucking Time (AFT) that China,
North Korea, Russia, France, Iran, Ireland, Australia, Japan
others understand we are prepared and deadly serious about making money
for the wealthy and will totally fuckup friends and foes alike for
any virtual attack o
On some sick level... (Score:2)