Slashdot Log In
US Prepares for Eventual Cyberwar
Posted by
Zonk
on Sun Jun 24, 2007 06:04 AM
from the batten-down-the-hatches dept.
from the batten-down-the-hatches dept.
The New York Times is reporting on preparations in the works by the US government to prep for a 'cyberwar'. Precautionary measures are being taken to guard against concerted attacks by politically-minded (or well-paid) hackers looking to cause havoc. Though they outline scenarios where mass damage is the desired outcome (such as remotely opening a dam's gates to flood cities), most expect such conflicts to be more subtle. Parts of the internet, for example, may be unreachable or unreliable for certain countries. Regardless, the article suggests we've already seen our first low-level cyberwar in Estonia: "The cyberattacks in Estonia were apparently sparked by tensions over the country's plan to remove Soviet-era war memorials. Estonian officials initially blamed Russia for the attacks, suggesting that its state-run computer networks blocked online access to banks and government offices. The Kremlin denied the accusations. And Estonian officials ultimately accepted the idea that perhaps this attack was the work of tech-savvy activists, or 'hactivists,' who have been mounting similar attacks against just about everyone for several years."
Related Stories
[+]
Your Rights Online: Kremlin Seeks to Control Online Media 220 comments
reporter writes "According to a disturbing report just published by Bloomberg, 'As the Kremlin gears up for the election of Putin's successor next March, Soviet-style controls are being extended to online news after a presidential decree last month set up a new agency to supervise both mass media and the Web.' However, unless the Kremlin pursues Chinese-style/Turkish-style blocking of the Internet-Protocol addresses of web sites like 'The Economist', even the Kremlin cannot control the online media. If Putin pulled the plug on an anti-Putin web site inside Russia, the anti-Putin web site could simply be migrated offshore to a server in, say, the United States."
[+]
IT: Russia Accused of Cyber-War Against Estonia 373 comments
earthlingpink writes about the ongoing DDoSing of Estonia. The Guardian is reporting that Russia stands accused of engaging in a three-week-long series of cyber-attacks. Government, banking, and media websites have been targeted. It is unclear whether the attacks are sanctioned or initiated by the Russian Government, but Estonian authorities believe that to be the case. NATO has sent security experts to Tallinn to help beef up defenses. The Estonian defense minister said, "At present, NATO does not define cyber-attacks as a clear military action. This means that the provisions of... collective self-defense, will not automatically be extended to the attacked country... this matter needs to be resolved in the near future."
[+]
IT: The Real Impact of the Estonian Cyberattack 172 comments
An anonymous reader writes "News.com offers up an interview with Arbor Networks' senior security researcher Jose Nazario. He takes stock of the denial-of-service attack against the Baltic nation of Estonia, and considers the somewhat disturbing wider implications from the event. 'You look around the globe, and there's basically no limit to the amount of skirmishes between well-connected countries that could get incredibly emotional for the population at large. In this case, it has disrupted the Estonian government's ability to work online, it has disrupted a lot of its resources and attention. In that respect, it's been effective. It hasn't brought the government to a crippling halt, but has essentially been effective as a protest tool. People will probably look at this and say, That works. I think we're going to continue to do this kind of thing. Depending on the target within the government, it could be very visible, or it could not be very visible.'"
[+]
Technology: NSA Tasked With 'Policing' Government Networks 93 comments
Novus Ordo Seclorum writes "The NSA has a new assignment. No longer merely responsible for signals intelligence, the NSA now has the task of defending against cyber attacks on government and private networks. 'The plan calls for the NSA to work with the Department of Homeland Security and other federal agencies to monitor such networks to prevent unauthorized intrusion, according to those with knowledge of what is known internally as the 'Cyber Initiative.' Details of the project are highly classified. Director of National Intelligence Mike McConnell, a former NSA chief, is coordinating the initiative. It will be run by the Department of Homeland Security, which has primary responsibility for protecting domestic infrastructure, including the Internet, current and former officials said. At the outset, up to 2,000 people -- from the Department of Homeland Security, the NSA and other agencies -- could be assigned to the initiative, said a senior intelligence official who spoke on condition of anonymity.'"
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
Full
Abbreviated
Hidden
Loading... please wait.
Isn't this blown out of proportion, again? (Score:4, Insightful)
It's not just the Internet (Score:5, Interesting)
***Isn't this blown out of proportion, again?***
Probably not out of proportion. The military has separate secure communications, but civil society doesn't. And many of our key networks aren't exactly robust. We've had incidents in the past of phone networks going down because of bad software upgrades to switches. And of power distribution networks going down for no very good reason and taking many hours to get back up. And satellites going out.
So what happens when a technically savvy bunch of folks with a point to make starts off by hijacking Microsoft Update to zombiate millions of PCs, uses other update services to brick all sorts of devices, then simultaneously goes after the DNS servers; North American power grid controls; and every satellite link they have previously found a vulnerability in? What if they can take down major parts of the cell phone network? Probably they can DOS the financial service network providers if they can't hack into them -- No functioning ATMs and likely no functioning banks and likely few functioning stores of any kind. And they reprogram a lot of the nation's traffic signals to turn all lights green permanently. They do the same for the railroads. And they turn off the natural gas distribution system -- in January. And they shut down the aquaduct pumping stations feeding Southern California. ... etc, etc, etc. And finally, they shut down as much of the phone system as they can get to.
A serious attack by a technically savvy attacker with significant resources and a good plan can very likely do most of those things and a great many more.
If an attacker can do even a quarter of that, it'd take any industrial country a week to get back up after a fashion, and months to really get things back under control. So, no, it's probably not blown out of proportion.
***I mean who the FUCK would be stupid enough to have the controls for a Dam connected to the internet?***
What is the cheapest and most cost effective way to control a remote power facility? And who says cyber attacks are limited to the Internet? If your dam is 300 miles away, you're going to need remote access -- at least for monitoring and quite likely for command and control. Seems to me like most, maybe all, of the technologies to do that -- internet, phone network, satellite, radio links, etc--are open to interception and attack. Even if you can't break into the control link, you likely can deny service in one way or another.
Parent
Re:It's not just the Internet (Score:5, Funny)
Parent
Re: (Score:3, Funny)
William Gibson called and he's asking for Wintermute back.
Re:It's not just the Internet (Score:5, Interesting)
What makes you think they have to hijack MS Update? It seems to be a problem right now, today. [bbc.co.uk] Anybody who thinks this is something new is clueless. It's a problem right now, today.
A few things that can help:
1) Stop using systems that are inherently flaky. (EG: MS Windows) Move on to something that's proven to be resistant to viruses and the like. MacOSX, Linux, BSD, and other *nix variants are a good bet for the immediate future, but I'd wager that the best bet would be to revive DEC VMS! The security on that system is just simply awesome, and its reliability is second to none. Get somebody with chutzpah like Steve Jobs to make it work, and it would. Very well.
2) Demand basic, reasonable security policies in force at ISPs. The federal govt should require that ISPs should use basic technologies to ensure that packets appear to come from the right network, malformed packets are rejected, etc. and it should also provide reasonable initial funding so that they can comply with this law without undue hardship.
Another interesting thought - computers have gotten complex enough that the average person can no longer maintain them. So what if there was a way that the average person could outsource this administration to somebody else? There's quite a few ways this might work:
A) The "pool service" model - some local techie shop periodically accesses your computer (either physically or remotely) and performs a routine maintenance, fixing security holes, ensuring updates are done, performing backups, etc.
B) The "terminal" model - rather than store all your data/files on your local machine, your local machine becomes a dummy terminal, and you access your data and programs remotely. Something like the "terminal" that was common on mini and mainframes in the 1980s. Think Google office? This may be where Microsoft goes with their 'Windows Live' service, and where Linux goes routinely with X11.
C) The "Updater" model - almost in place now, you pay a subscription fee to have software downloaded automagically that takes care of security issues. The main point here is that for this to work, it has to provide a strong assurance of quality, which this does not.
Man, got windy on this post. Hope you enjoyed it!
Parent
Re:It's not just the Internet (Score:5, Insightful)
And of course, the OP only outlined a few attacks that can be conducted from the safety of an office somewhere remotely. We face an enemy who isn't at all afraid to blow stuff up, even if it means the explosives are personally delivered. Anyone take a look at the physical security on a dam recently? Storage sites for nuclear waste? Ferries, busses, trains?
We are ripe for attack from a small team of well-funded and determined enemies, and we're not doing enough to prepare for it.
Parent
Remember the big eastern brown out? (Score:2, Interesting)
Re: (Score:3, Insightful)
Re:Isn't this blown out of proportion, again? (Score:5, Informative)
"..through the industrial remote-control technologies known as Scada systems, for Supervisory Control and Data Acquisition. The technology allows remote monitoring and control of operations like manufacturing production lines and civil works projects like dams"
Words fail me.
Parent
Re:Isn't this blown out of proportion, again? (Score:5, Interesting)
This doesn't matter very much anyway. TFA seems to have confused 'you can connect to it remotely via some mechanism or another' and 'anyone connected to the internet can just ssh right in/DDOS it'. FUD.
Parent
Re: (Score:3)
President: How long would you have to stay down there?
Strangelove:
New peace activist slogan: (Score:5, Funny)
Re:New peace activist slogan: (Score:5, Funny)
Parent
Obvious safeguard (Score:5, Insightful)
Re:Obvious safeguard (Score:5, Funny)
_ _ _ _ _ _
Access granted! Hello Mr. President,
would you like to...
[1] Raise taxes
[2] Open floodgates
[3] Administrate the US Army
[4] Launch nuclear warheads
[5] Play online poker
Parent
Re: (Score:2, Funny)
[6]Global Thermonuclear War
Re:Obvious safeguard - not so safe (Score:4, Interesting)
Back in the late '90s I was infected by my first virus. I had never connected to the internet, I had just used the library and school computers. Somehow, I still managed to get a virus on my floppy diskette.
I don't think it is unlikely that there are people who hook their laptops up to their work network, and I suspect it is even more likely that people plug in a floppy/thumbdrive/cdrom from home. I don't doubt that it would be safer to stay disconnected from the Internet, but a handcrafted virus would be far more likely to avoid detection by most antivirus and probably accomplish just as much in a hacker war. It would have to be a targeted program, but that is really the point isn't it, that hackers could be targeting networks that are supposed to be secured. Of course, it probably doesn't help security that they probably assume their network is safe.
Parent
Tickle Me Elmos transformed into killing machines (Score:3, Funny)
microchip-controlled Tickle Me Elmos will be transformed into unstoppable killing machines
(taken slightly out of context)
Newspaper ad (Score:5, Funny)
We're looking for a young man named John Connor, to lead our efforts in the war against the machines. We offer $1000 to anyone who has any substancial information in discovering his location. If you can help, please dial 1-800-ILL-BE-BACK.
- The Government (it's not Terminator this time, I swear)
Re: (Score:3, Funny)
This is The Government. We're warning you that Terminator seems to be posting newspaper ads looking for John Cohnor and presenting himself as The Government. Do NOT call him. The real Government would never post ads in a newspaper in a fashion like that.
Hmm, wait a second. Bob, stop typing, let me call the general. Hello, General? I just realized, we can't type in a newspaper ad, that we'd never post in a newspaper ad, we'd look like damn morons. Uhuh. Uhuh.. Wait.. BOB I
Re:Newspaper ad (Score:5, Insightful)
Makes me feel Slashdot had an edit post button, so I wouldn't have to ammend myself in an entire new post.
Parent
The Need for an Enemy (Score:4, Insightful)
Bring back the Cold War, that's what I say, and it looks as though they are. This whole terrorism thing just isn't working out
Re: (Score:3, Informative)
Re: (Score:2)
Maybe it's not working out, but Cold War was even worse. It was so hopelessly outdated, that they tried rebranding it "Cool War", "Hot War" and what not, but it just wouldn't catch on.
Cyberwar and war on terror is where it's at. And war on child abuser. Who doesn't agree? You child abusers, you.
Ladies and Gentlemen, Start Your Memes! (Score:4, Funny)
Re: (Score:2, Funny)
Somebody set us up teh hax!
always a war (Score:5, Insightful)
I guess big budgets need big reasons
Re: (Score:2)
Re:always a war (Score:5, Funny)
Amen. Let's declare war on war!
Parent
Re:always a war (Score:5, Insightful)
Um...perhaps because it's the smart thing to do? Only an idiot wouldn't prepare.
You see, any country that has two nickles to rub together makes preparations to keep their two nickles. The reason is simple. Someone with only one nickle or maybe someone with two nickles that would like to have four, may decide to come take your two nickles. So you have a choice. One, give your two nickles up tomorrow (it will happen), or be in a position where it will cost someone three nickles to take your two.
Perhaps you've heard, "Hope for the best. Plan for the worst." Only an idiot running a country wouldn't do that.
Parent
Re: (Score:2)
What about the war on grammar?
How about war on grammar nazies, and nazies in general (I'm sure Steven Spielberg would even make a movie about it).
And that's a typo, not a grammatical error.
Disaster contingency planning (Score:3, Funny)
Born to Lose (Score:5, Insightful)
Meanwhile, the US has already been under siege by China in a full-blown cyberwar [google.com] for several years.
It's cheap to attack the US tech infrastructure, and expensive to defend against it. That's what asymmetric warfare [wikipedia.org], like terrorism, is all about. So 6 years into Bush's Terror War, and the government is still preparing to get started, while our enemies just surge around us.
Stupid-wordism (Score:2, Interesting)
preparing to START a cyberwar? (Score:2)
Slight factual error in summary (Score:2, Informative)
The important thing to remember here is that the monument is still visible for those who wish to pay their respect to their ancestors. The monument is not, and never was, removed.
PLAN FOR ACTION (Score:5, Funny)
1. "Security through Conformity": Standardize on exactly one platform. Make sure everyone in government is using it. That way, if we discover a gaping security hole in that platform, we only have to patch one type of system. Homogeneity is the key.
2. We need to put our trust in professionals. That one platform should definitely be Microsoft Windows. Sure, having people from all over the world looking for bugs might be quicker and more effective, but that also means that people from all over the world have the potential to find a security hole, but we have no clear target to blame for that security hole. And don't forget that backdoor that was almost slipped into Linux (though, fortunately, caught before it got into source control because of all of the people able to look at it)! We wouldn't have to worry about that with Microsoft Windows
3. Don't leave computer decisions in the hands of long-haired computer geeks who spend all day working with technology. They tend to have decidedly leftist--if not communist!--leanings. All IT decisions for the US government should be made by the people best qualified to make them: Career bureaucrats.
Ahhhh, Now I understand about paying taxes on .... (Score:3, Insightful)
They can use the virtual taxes to pay for the virtual war (cyberwar) defense.
http://politics.slashdot.org/article.pl?sid=07/06
Cyber Cyber Cyber (Score:4, Funny)
"Cyber" is so 1990's... anything that inserts it into the language more often is a nuisance. Can you imagine if it gradually became a synonym for "good"?
Dude, that pizza was totally cyber!
Ugh...
SECURE THE PROTOCOLS!!! (Score:5, Insightful)
If ISPs at least blocked forged-ip packets from exiting them, then THAT would be a nice start.
A word from the front lines (Score:5, Informative)
Industrial Control System Security is the subject of many books (with many more on the way), security committees, and even pending regulation. I could spend a long time trying to explain why things are the way they are. Here's an overview of the issue:
1) SCADA systems started out in isolation. Most were never designed for internet access and many were designed without any thought to security because there is a more important concern: Reliability and performance.
2) Office folks got wind of what information could be had from SCADA systems and the next thing that happened were a mass of people clamoring for the data. However, very few gave much thought to how that data could be extracted securely without affecting the reliability or performance of the system. As a result, there are many security compromises.
3) It's not easy to retrofit security in to an existing SCADA system. It would be like putting seat belts and air-bags on a Ford Model T. Such measures will help, but what is really needed is a re-engineering of the whole system.
4) Many of the protocols we use every day live in carefully validated embedded systems. You can't just "update" them without digging in to a morass of other embedded systems issues, in addition to the protocol itself, you have issues of performance and expected behavior. For this reason, updates of embedded firmware are rare.
5) SCADA systems live for a long time. Typical lifetimes are at least 10 years for the field devices and five years for the control room software and hardware. These configurations are carefully validated (a very tedious and expensive process), so companies are loath to upgrade them unless there is a very good reason to do so.
I can go on, but that's should give you a taste of what the situation is.
Now for the reality of interational red-teams. Yes, they exist. The US has them too. I don't design for a red team. First, that would require very frequent software upgrades, something which I've already explained is not feasible for most SCADA system operators. Second, we opt for defense in depth. We try to segment our systems so that they fail in to smaller peices which are semi-autonomous in themselves. They won't be as efficient, but they will continue to work. And finally, in case you hadn't noticed, we design our physical security to eliminate the casual vandal, not the determined para-military group. The cost of going fully secure is so high that nobody would be willing to pay for it.
At the utility where I work, we keep our SCADA system carefully shielded behind firewalls. Yet many other SCADA system managers do not understand the security issues because they're not IT savvy. Conversely, most IT staffers in utilities and manufacturing companies do not understand what a SCADA really is and does. This is not just another app. The notion of a real time or even a near real time system is alien to most. Furthermore, there is no such thing as "rebooting" in this business. In most IT applications, restarting the application or rebooting the machine is routine. Not so in SCADA. If we restart, we often lose track of many critical on-going processses. You see in most IT applications, they are the whole system. With SCADA, there is a physical world of things going on with or without them. If you're not up and running all the time, you're probably going to miss something critical.
Finally, opening dams by remote control isn't likely. We have dams where I work too. Even if we did open them by remote control (we open ours manually), the systems that we use are as far as possible from the internet, and even our office intranet. Yes, we can wash out parts of a town downstream if we're not careful. The operators of such dams are licensed and they must be very careful about how the
neuromancer & ghost in the shell (Score:3, Insightful)
Hacking the Media (Score:3, Interesting)
The Joker laughing out of every TV and Radio in Gotham city would be a powerful psychological win and a plausible goal for a determined enemy. What if part of a cyber war campaign was designed to replace Podcasts, Music streams, VOD Movie services, CNN Video or any internet delivered media with a message from our enemy? Could they commandeer Internet connected set-top boxes deployed by Cable providers and replace what we see and hear?
I was approached by some people recently who wanted to know exactly how someone could pull that off. By "some people", I mean someone who works with an unnamed National Security Agency of sorts. I shrugged it off at first, then thought of the potential impact. Eek. Does anyone in the media business even anticipate or have a strategy for combating such an attack?
Mind yo businez (Score:4, Insightful)
That's right, because we all know that bullies only beat up other bullies. </sarcasm>>
I love that people assume that the US is a target because of it's actions. I wonder if these are the same people that assume that Microsoft gets hacked because it is an 'evil' company. Let me say it plainly: The US is a target because the US has a lot of money and influence. Microsoft is a target because they have a large number of users. There may be thousands of other reasons, but that is the real reason there is such a disparity in attacks against the two. I am not saying that MS shouldn't be a moral business or that the US shouldn't improve it's interactions in the world, I'm just saying that doing either one will not make a significant difference in the number of attacks.
Both have a need to do the same thing too, actually. They need to improve security and do it in such a way that it doesn't harm their base.
Parent
Re:Don't want to be attacked? It's SO simple reall (Score:2)
Re: (Score:2)
Tain't entirely true. Ask the Poles.
Nonethelss, it'd be a very good start. Especially for people who have proved, on the whole, to be rather inept at meddling.
Re: (Score:2, Insightful)
Don't beat your kids, better yourself & lead by example.
If the children don't follow your example, abandon them.
Re: (Score:3, Insightful)
In fact, I'd go so far as to say that "political correctness" only ever really existed as a convenient strawman caricature, useful for smearing anything remotely smacking of "liberal" or left wing views.
Sometimes a legitimate complaint: Racism. (Score:3, Interesting)
Flamebait? Sure. But badly-constructed flamebait- the only people who use the expression "politically correct" are those attacking the concept.
Very true.
In fact, I'd go so far as to say that "political correctness" only ever really existed as a convenient strawman caricature, useful for smearing anything remotely smacking of "liberal" or left wing views.
Heh, I don't know: I'd always considered myself reasonably to the left, but... I was surprised to run into a bunch of socially-acceptable racial bigotry during college, and the only way I can think to characterize it, is as having been "ok" because it was "politically correct." And this is the real point of my post.
What am I talking about? People complaining, over and over, about "rich white kids;" they'd use sneering language like "bastion of white privilege," repeat racial slurs like W
Re: (Score:3, Interesting)
So, a hive mind would end the wars.
But would this be really better?