Schneier Recommends Nuclear-Style Cyberwar Hotlines, Treaties 123
strawberryshakes writes "Cyberwar is the new nuclear war. Bruce Schneier says governments should establish hotlines and treaties outlining the protocol surrounding cyberwar, just as they would for any other war. He wrote in the Financial Times (paywalled, but available through Google), 'A first step would be a hotline between the world’s cyber commands, modelled after similar hotlines among nuclear commands. This would at least allow governments to talk to each other, rather than guess where an attack came from. More difficult, but more important, are new cyberwar treaties. These could stipulate a no first use policy, outlaw unaimed weapons, or mandate weapons that self-destruct at the end of hostilities. The Geneva Conventions need to be updated too. Cyber weapons beg to be used, so limits on stockpiles, and restrictions on tactics, are a logical end point. International banking, for instance, could be declared off-limits. Whatever the specifics, such agreements are badly needed.'"
Oh boo hoo... (Score:2, Insightful)
So what if the Chinese DDoS the internet for a while? OMG, twitter might go down!!~!eleventy!
I think the ISP's will be much more effective in fixing any problems, possibly by blocking all traffic from the offending country, if it comes down to that.
Re: (Score:2)
Re: (Score:2)
And this is an incentive for the Chinese to implement such a hotline how?
Re: (Score:1)
So what if the Chinese DDoS the internet for a while? OMG, twitter might go down!!~!eleventy!
Since most bank-to-fed and fed-to-bank transactions are via electronic networks, and much of the telephone communications go over electronic networks, and a huge segment of our economy is conducted via the internet, and email between customers and vendors is very common, I think the impact would be bigger than just twitter going down.
But Schneier (as much as anyone) should recognize that politicians are reactionary. This will get attention after the first cyber-attack.
Re:Oh boo hoo... (Score:4, Interesting)
I think the ISP's will be much more effective in fixing any problems, possibly by blocking all traffic from the offending country, if it comes down to that.
This is "cyberwar" (their word, not mine) we're talking about. General Hayden, the former Director of the NSA, spoke at Blackhat on the topic this summer. He said that the Internet today resembles a vast indefensible plain, and that an enemy attack can come from anywhere. He thought (hoped?) a kind of "geography" would eventually evolve on the internet, allowing for tactical maneuvering, permitting the kind of strategies warriors like to fight and defend from. You're alluding to a similar type of thinking, where if the attack comes from China, you pull the cable on the back of your router marked "From China".
It's that kind of thinking that's unfortunately going to fail at cyberwar.
If I'm attacking your country's systems, I'm not coming from China. I'm hopping hacked servers and networks from China to Estonia to Russia to France to London to New York. If it's a DDoS attack, I'm not commanding a million Chinese PCs to send you SYN packets, I'm sending one instruction to a command and control network to tell an army of zombies across the country and globe to send you SYN packets. Or I'm activating the hostile commands buried in my counterfeit Cisco routers spread across your country by cheapo eBay resellers.
The best defense against info-warfare is to have a good alternate strategy. Twitter may not need backups, but Wall Street does. Industrial plants and the electrical grid need air gaps (and obviously a lot more protection than they have today.) The armed services need an isolated network. So does the intelligence community. The first, second, and third jobs of cybercommand should be creation of these defense plans.
Re: (Score:2)
General Hayden, the former Director of the NSA, spoke at Blackhat on the topic this summer. He said that the Internet today resembles a vast indefensible plain, and that an enemy attack can come from anywhere. He thought (hoped?) a kind of "geography" would eventually evolve on the internet, allowing for tactical maneuvering, permitting the kind of strategies warriors like to fight and defend from.
Basically the Princes and Tribesmen want the Dwellers to plant a Forest in which they can fight their battles. It's only reasonable [aikiweb.com].
1st - that doesn't sound like Schneier. (Score:2)
He's usually a LOT more intelligent than that.
2nd - be proactive. Pass a law that requires that each ISP check the packets on their network and do NOT forward any packets that do not match the addresses they control. There, spoofing is pretty much dead.
3rd - whitelists, not blacklists. Know who you absolutely must have an Internet connection to and why. If someone is flooding your network, block everyone else. (yeah, this won't work for Amazon or eBay)
4th - it's the GOVERNMENT. Use your purchasing power to
Re: (Score:3)
The best defense against info-warfare is to have a good alternate strategy. Twitter may not need backups, but Wall Street does. Industrial plants and the electrical grid need air gaps (and obviously a lot more protection than they have today.) The armed services need an isolated network. So does the intelligence community. The first, second, and third jobs of cybercommand should be creation of these defense plans.
They need all those things and also a good, well-enforced policy to keep defense/intelligence employees' ad hoc sneakernet from de-isolating the isolated networks. Witness the recent near-destruction of Iran's nuclear program at the hands of Stuxnet, which is believed to have been brought into the nuclear facility's isolated network by a scientist using a thumb drive to take work home with him.
Stockpiles?...of cyber weapons? (Score:5, Funny)
I would recommend one case *per nerd* (Score:1)
If this is going to go on for a few days, they'd better stock up on the Dew!
Re:Stockpiles?...of cyber weapons? (Score:5, Insightful)
Probably something along the lines of a number of botnets, zombies, secret 0-days vulnerabilities, etc.
It's pretty easy to picture governments building up large botnets of their own machines, ready to tear down any site they want. Limits on that would be good, I think.
Re: (Score:1)
Right, but that's still silly.
What's a botnet? What's a zombie? A botnet is, typically, a bunch of zombies. A zombie is simply a machine that can be remotely controlled using a some piece of software that's installed on it, which is typically injected by a Trojan horse, drive-by-download, e-mail virus, whatever.
Now if the government says "we'll take down 300,000 of our 1 million botnet nodes," how are you going to know they did it? How do you know they have a million botnet nodes? With nuclear missiles,
Re: (Score:2)
Would the stockpile be counted MAFIAA-style, with each copy, download, and upload counting as a 'unit'?
Or would the stockpile be counted in lines of code? Perhaps in terms of algorithms used? Type of weapon?
Given the rate of development that "cyberweapons" undergo, I think that 'stockpiling' would, in reality, mostly refer to the archive room with a bunch of obselete software cluttering up DVDs.
Re: (Score:2)
Limits on stockpiling that which can be infinitely replicated, would that not be DRMs on war?
Re: (Score:1)
"I'm sorry, Sir, I can't launch the weapons. The licensing server's gone down again."
I solved the puzzle! (Score:2)
Substitute smoke for electrons if that makes it more understandable and gives a better visual for the hotline idea.
Someone forgot to make a rule, that everybody will follow of course, not to mess with the IP phones used for the hotline. Can't mess with the networks they run on either!
Re: (Score:2)
Re: (Score:2)
Presumable a variety of different cracking tools, worms, and related pieces of software. As much as the film/TV idea of people frantically tapping on keyboards during an attack is exciting, in reality it's normally about semi-automated systems attacking automated systems. A "cyberattack" from a government is most likely to involve pulling something suitable out of storage, giving it target details and clicking "Go", rather than trying to code something from scratch on demand.
Re:Stockpiles?...of floppy disks.. (Score:2)
How are you going to verify that someone else is complying? Its one thing to be able to count missile silos or uranium mining operations, but how do you make sure that someone isn't resea
Re: (Score:2)
Or maybe Bruce is thinking ahead at what the Internet might be like a few years down the road.
If the governments had as much control over the internet as they wanted to, these treaties might be made under the assumption that each country keeps its house in order. Much like if a bunch of Canadians took up arms and started marching on American the Canadian Government would be in hot water trying to explain that one.
Same thing here - if you can't keep your own hackers and crackers in line than you pay the cons
Re: (Score:2)
An Internet killswitch is about as viable as a perpetual motion machine. Assuming that you could round up all the possible avenues into and out of the united states (and there are a LOT of them, not just a few major landlines), and get the collective owners to agree that a killswtich is a good idea, you can only realistically kill all traffic, since filtering is unreali
Re: (Score:2)
What exactly is a stockpile of cyber weapons? A room full of nerds and a case of Mountain Dew?
Yes. Although with only one case, that qualifies as a "small stockpile".
Oh, please. (Score:1)
Cyberwar is the new nuclear war.
Gimme a break. When I see a hacker kill off 100,000 people, then I'll take that statement seriously.
Jesus Christ, hyperbole is becoming the norm these days.
Re: (Score:2)
hyperbole is the new understatement!
Re: (Score:3, Interesting)
Gimme a break. When I see a hacker kill off 100,000 people, then I'll take that statement seriously.
Jesus Christ, hyperbole is becoming the norm these days.
QFT! Last time I checked a DDOS isn't capable of evaporating several hundred square miles like an ICBM with 6x600kT warheads. I think our leaders and 'thinkers' need to play around with a google maps mashup here [carloslabs.com], and see some friggin' clarity!
Hotlines are useless without a web of trust (Score:2)
How else could you trust the caller? Phones are just another form of IT.
Re: (Score:1)
And, o'course, if universal encryption (and thus resistance to governmental or corporate eavesdropping) became practical as a result...
Re: (Score:2)
Re: (Score:1)
A charitable definition of hotline includes some assurance as to the party it is connecting you to.
Whew. (Score:2)
Or (Score:4, Insightful)
We could just ban the use of Windows in critical IT infrastructure.
Re: (Score:1)
No OS is secure. There is -always- a way in, even if it's just social-engineering the guy with the passwords.
Moving to a non-Windows OS without addressing everything else at the same time would, in the end, have no real effect.
Re: (Score:3)
No OS is secure. There is -always- a way in, even if it's just social-engineering the guy with the passwords.
True. But I'd bet that the lock in the safe in my bank is more secure than the lock in my suitcase.
To say "No OS is secure" is very different than saying all OSes are equally insecure.
Re: (Score:2)
Gains in security can only be made with an organizational dedication to security from the top down--everyone involved must be made to realize the risks involved, and mitigations of these risks must be performed (and checked) at every level.
So if you switch over to Linux, great, good job. But if your secretary still opens every funny email that shows up, sooner or later you're going to get hit.
Re: (Score:2)
Re: (Score:2)
You seem to be a bit out-of-date in your thinking. Most of the bugs today are in the applications, on the platforms. SQL injection doesn't care about the operating system.
Which would make us LESS secure (Score:2)
Brilliant! That would make critical IT infrastructure less diverse, and make it even more likely everything could be taken out with a single zero day attack.
bad analogy ! (Score:5, Insightful)
Cyberwar is the new nuclear war.
No it's not. it used to be that nuclear weapons were out of reach for a private entity. It is not the case with cyberweapons. How do you regulate the action of the mafia or the triads ? How do you apply a treaty onto an individual ? Treaty and regulation works for limited availability weapon but for something as easy to produce, I dont see how it could work.
Re: (Score:2)
Cyberwar is the new nuclear war.
No it's not. it used to be that nuclear weapons were out of reach for a private entity. It is not the case with cyberweapons. How do you regulate the action of the mafia or the triads ? How do you apply a treaty onto an individual ? Treaty and regulation works for limited availability weapon but for something as easy to produce, I dont see how it could work.
If the world powers join to "pinch off" the threat, and the treaties and hotlines are in place to address that, then it has a chance of working.
Re: (Score:2)
If the world powers join to "pinch off" the threat, and the treaties and hotlines are in place to address that, then it has a chance of working.
So the US, China and Russia all agree to not hack electrical power plants? BFD. Who's going to convince Iran, Iraq, North Korea, Israel, Nigeria, Chechnya, Lichtenstein and Morocco to not make secret plans? Who's going to convince the various organized criminal entities? Who's going to stop J. Random Hacker, who can download and modify a copy of Stuxnet from the comfort of his mother's basement?
Think about it: the best (most experienced) people to ask for advice on how to be effective at stopping hacker
Re: (Score:1)
The proposition in your second paragraph is insane.
I'm pretty sure that the group of serious hacker stoppers excludes purveyors of DRM simply by definition.
Re: (Score:2)
It was intended to be laughable, but insane works for me, too. But the point is valid. Trying to defend stuff with DRM from determined hackers is similar in many ways to trying to defend anything else that can be found in the hands of determined hackers -- useless.
Re: (Score:2)
It was a clear example of what the world powers who oppose Iran are capable of. They understood the ASM that was being delivered to the controllers of SPECIFIC IRANIAN airgapped devices. The agency responsible was able to exfiltrate enough information regarding those devices that they could create a highly sophisticated operational "glitch" that would severly damage Layer 1 devices. That's worlds beyond someone knowing you have X phone with X version of firmware ...
Wrong. It WAS worlds beyond, but now we've delivered thousands of copies of it to terrorist wanna-bees around the globe.
The military developers of Stuxnet were certainly geniuses, but they were also short-sighted idiots who didn't consider the collateral damage of deploying a weapons-grade tool on the internet. All that brain-power you boast about is now in the hands of global sociopaths ranging from corrupt governments to 4channers who might redeploy it for teh lulz.
Assuming you know SCADA (and you can l
Re: (Score:2)
What does "pinching off" the threat even mean?
I'm not Bruce Schneier, so I can't explain what procedure he'd have in mind, but I can explain what I was thinking.
If a threat is coming from a particular node, set of nodes, or portion of the network that can be characterized (as DDOS are), the leaders can agree to drop those nodes off the network.
Example: If a particular DDOS was a problem, a hotline call might be placed by one country's leader to another (potentially separate from the network, since the DDOS might actually knock out network calls), and t
Re: (Score:2)
Essentially, in agreeing a line that will not be crossed, with well reasoned arguments for not doing so, anyone crossing that line makes an enemy of a lot of people at once. It might be harder to regulate worm/cracking tool development, but that doesn't mean there's nothing that can be done.
Re: (Score:2)
Cyberwar is the new nuclear war.
No it's not. it used to be that nuclear weapons were out of reach for a private entity.
That posed an interesting Google search for me, probably put me at the top of the US Watchlist. "Is it illegal to Own Nuclear Weapons?"
Which hasn't given me anything like what I'm looking for. Its more like everyone asking if Iran has nuclear weapons, new policies set forth by treaties and such... Nothing about a regular joe citizen owning a nuclear warhead, something I'm now curious about.
So I go next down the list, its gotta be like other weapons of the same classification. I google "Is it illegal to own
Re: (Score:1)
It is illegal and regulated by BATF to own unlicensed explosives, such as c4. It is, however, legal to own materials that do not explode but defligrate, such as black powder, so I suppose you could own a 'dirty' bomb that burns instead of exploding. But I know you are also not allowed to own unlicensed radioactive sources over a certain, minuscule, vasltly smaller than the critical mass of uranium or plutonium isotopes.
So without any citation of specific laws that reads "no person shall be allowed to own
Minerals? (Score:2)
I know you are also not allowed to own unlicensed radioactive sources over a certain, minuscule, vastly smaller than the critical mass of uranium or plutonium isotopes.
What about materials in the ground? Building materials?
I know this is nitpicking, but there is uranium in many rocks. If you own a big quarry, there could be a lot of uranium, certainly above the limit you are theoretically allowed to own, in those rocks.
Or what about real estate? In some places there's no distinction between soil and underground for ownership purposes. If you own a tract of land you own all that's between the surface and the center of the earth. There's certainly enough uranium to build a
Re: (Score:1)
There are restrictions on the possession of radioactive materials.
Re: (Score:1)
I'm pretty sure if you owned a nuclear bomb you'd be able to negotiate to keep it.
Re:bad analogy ! (Score:4, Insightful)
Exactly. Such an idea is rather worthless.
Threats to networks could come from governments, but they can also come from extremists, corporations, hobbyists, or a legion of meme-spewing 4-channers.
The targets can be just as varied. They might target corporate networks, government networks, utility infrastructures, or a website that happens to of highly political interest.
Even if governments agree to such treaties, how do we know that they won't operate secretly anyway, and just blame cyber criminals or rogue groups if they do launch an attack? It's not like data packets in cyber attacks carry flags.
Re: (Score:1)
How do you regulate the action of the mafia or the triads ? How do you apply a treaty onto an individual ?
Perhaps a clause guaranteeing the extradition of a private entity who engages in an activity that falls under whatever the parties to the treaty define as "cyber-warfare" would solve that problem. Perhaps not. Its definitely something that nations should be discussing.
Re: (Score:2)
No, it's not, but you missed the obvious reasons:
A cyber-attack won't kill hundreds of thousands of people in a flash of light, then kill millions more from cancers and other after-effects of the blast and fallout.
It won't obliterate acres of infrastructure and render the area uninhabitable for decades or centuries.
It won't scare the shit out of an entire range of humanity from the simplest of folk to the most-informed on the subject.
Frankly, anyone who compares cyber-war to nuclear war is blowing smoke up
Cyber weapons = Nuclear weapons (Score:2, Interesting)
Look at the stuxnet attack on Iran last month. If that country had a more developed nuke program a hostile neighbor (country X) could have had the opportunity to co-opt their systems and launch against Israel. Israel would immediately engage in a retaliatory strike and country X would be the winner (assuming they are anti Iran and at least neutral in their relations with Israel).
Country X in this case just became a nuclear power without ever facing embargoes, or hostility from the US.
Re: (Score:1)
Look at the stuxnet attack on Iran last month. If that country had a more developed nuke program a hostile neighbor (country X) could have had the opportunity to co-opt their systems and launch against Israel.
And fingers=bullets by the same logic. A cyber attack is not a nuclear attack, and a cyber attack that results in nuclear weapons exchange is still not a nuclear attack. An exchange of nuclear weapons is a nuclear attack. There have been fears of falsely attributed nuclear weapons launches since Russia's first nuclear test. The fact that spies could have (possibly) done the same thing doesn't make spying nuclear warfare. Neither is cyber warfare=nuclear warfare.
Re: (Score:1)
Re: (Score:2)
The Stuxnet went after control systems in nuclear power plants. The only thing that happened was they couldn't run - BFD.
No, that's not the only thing that happened. Stuxnet physically damaged a number of centrifuges, it prevented them from successfully enriching uranium, and its second payload appears to have been designed to cause their nuclear reactor's steam turbine to destroy itself, which would have delayed their ability to create a nuclear bomb for years.
Nuclear weapons have human controls - nothing gets launched without a human being turning keys and pressing buttons.
Sure, we're told that American nuclear weapons have human controls. But do we really know that Pakistan's missile triggers aren't connected to a computer network? Th
omg it's the cyercaust! (Score:2)
Quick! pick up the red emergency phone and dial the 16 year old 3l33t hax0r general in charge so he can fire the scripts! For great lols!
Re: (Score:2)
Exaggeration (Score:4, Insightful)
Re: (Score:2)
Re: (Score:2)
Tell that to those who have lost family members due to cyber attacks...
Re: (Score:2)
Network attacks are very easy to defend against
Not really, not if you're not talking about just pulling the plug. And in any case you still need to take the measures necessary to do so. Remember that McKinnon got access to a subcontractor's (I think it was) internal network by using a password cracker and a public RAT. That's incompetence, you say. Fine, but regardless of it's form or shape it's still a security problem, period.
Re: (Score:1)
You assume that a network or "cyber" attack is negligible compared to a real military attack. What about when those attacks steal or reveal sensitive military information, compromise troop movements, or even better silently alter or changes plans? Or how about if malicious software were to cripple a nations infrastructure such as power and water? Or steal the information regarding the whereabouts of critical personnel in military branches? What if a nation were to conduct economic warfare, such as targeted
Re: (Score:2)
What about when those attacks steal or reveal sensitive military information, compromise troop movements, or even better silently alter or changes plans? Or how about if malicious software were to cripple a nations infrastructure such as power and water? Or steal the information regarding the whereabouts of critical personnel in military branches?
You mean like when a spy watches the troops with binoculars and writes down what he sees? Like when someone follows a key military officer by foot?
What shall be subject to treaties and have hotlines next: binoculars, paper, pencil, or shoes?
Re: (Score:1)
There are already established guidelines for the things you describe ie rules of ware etc. The online equivalent of those items can have substantially more impact and scope then the in person. Hence it makes complete sense to at least establish some guidelines for how to go about those things. Right now online there is nothing to dictate what form warfare over the internet might take. If we have an opportunity to take proactive steps to limit those things in a sensible manner, we should do so.
slashdot=star trek ref (Score:1)
Ol' boy's gone off the deep end this time (Score:1)
It's another case of doing everything but locking and securing a sufficiently resistant cockpit door.
Zonk OMG (Score:1)
The Geneva Conventions... (Score:1)
Will it mean hackers and the like will be considered enemy combatants if taken prisoners? Won't they have to wear uniforms to distinguish themselves from 'terrorists'?
Too bad the black berets are already taken by the USAF. How about black hoodies?
I'm also pretty sure some will insist on including dice, wands or xkcd quotes...
Cyberwar Hotline (Score:5, Funny)
"Hello, cyberwar hotline. Have you tried turning it off and back on again?"
General purpose hotline? (Score:2)
Re: (Score:1)
VOIP phones between the responce centers ;-)
The actual hot line was originally a teletype machine. It was a red phone only in the movies and on TV. Probably upgraded by now.
ph34r (Score:1)
Missing the Point, entirely (Score:3)
There are tons of major differences between a nuclear weapon and cyber-'weapons' .
Firstly, how do you work out who sent it? A nuclear warhead is pretty easy to track - but what about Stuxnet?
Also, civilians aren't generally capable enough to create their own nuclear weapons, they can make cyber-'weapons'.
What it'll end up with is everyone agreeing that cyber-weapons are bad and banned, then doing stuff in secret.
The solution is better security. Yes, its an impossible goal - but its still more realistic than having the president going- "Dammit! My facebook has been DDOSed. Someone get me the Kremlin!"
Re: (Score:2)
>>Firstly, how do you work out who sent it?
By tracing it.
Re: (Score:2)
Re: (Score:2)
Once you've backtraced it, do you call the cyber police?
Re: (Score:2)
ITYM "backtracing".
cyberwar isn't about nation-states! (Score:3, Insightful)
Re: (Score:2)
Actual cyberwar is a matter for nation-states. That whole "autistic 14 year old super hacker from Ukraine brings down all of US infrastructure with a push of a button" scenario should stay where it began: crappy 90s sci-fi.
And calling WikiLeaks "cyberwarfare" is just, well, Palinesque.
Re: (Score:1)
Re: (Score:2)
Really? So far all I've seen are some mildly embarrassing and entirely inconsequential internal communications. Why must geeks always blow everything out of all proportion?
That's not even the point though, "cyberwarfare" refers to the "actions by a nation-state to penetrate another nation's computers or networks for the purposes of causing damage or disruption" (from Cyber War, via WP),
Cyber-conventions? (Score:2)
The cyber-dead will be strewn about the cyber-fields, and cyber-children will run in terror from cyber-napalm. WE'LL REVERT TO PRE-CYBER CIVILIZATION!
So... like today, but instead of cyber-dot, to complain about greedy corporations we'll have to go talk to our neighbors.
like the wikileaks war (Score:2)
Tell me that the attacks both visible (from idiots like Lieberman) and less visible (from so-called "hackers") are not the signs of cyberwarfare being directed against the power of free information via Wikileaks.
It makes sense, considering the following scenario (Score:4, Insightful)
Yo! You don't know who I am, and I'm not sure how I got your number, but there's this thing going down in the internal networks of a few dozen hospitals here, and we're tracing it back to a site in your country. Our expert will soon be on it (god willing, assuming we can find them and brief them and give them access to the binaries) but the code obfuscation and anti-reversing features are like acts of god almighty, and amusingly treated as such by the insurance companies. Could you please help us catch these crazy bastards for interrogation about the stopping key... pulling the plug? That won't work, it's a self-contained virus, bricking shit like a startled soviet-era comedian. Talk to my boss? Well, I'm not sure he knows how to deal with this... or for that matter which one of my bosses I'm supposed to call...
As (potentially) opposed to:
*calls the kr3ml1n h4x0r bünk3r (actual official name) from the American Cyber Command (actual official name)*:
Hello, we've got a massive self-replicating attack on our internal networked hospital equipment, much like the scenario we discussed a few months ago. We can't break the obfuscation, and IDA Pro gets eaten up from the inside by trying to analyze it, but you guys might have more luck with the binaries we've managed to capture. Also, some versions of the code communicates with a site in Russia - it's probably botnet nodes, but the "scary men in helicopters" protocol you spoke about using internally might work anyway.
Not to talk about the difference in reaction speed between the two.
Re: (Score:2)
*calls FSB major* Yo! You don't know who I am, and I'm not sure how I got your number, but there's this thing going down in the internal networks of a few dozen hospitals here, and we're tracing it back to a site in your country. Our expert will soon be on it (god willing, assuming we can find them and brief them and give them access to the binaries) but the code obfuscation and anti-reversing features are like acts of god almighty, and amusingly treated as such by the insurance companies. Could you please help us catch these crazy bastards for interrogation about the stopping key... pulling the plug? That won't work, it's a self-contained virus, bricking shit like a startled soviet-era comedian. Talk to my boss? Well, I'm not sure he knows how to deal with this... or for that matter which one of my bosses I'm supposed to call... As (potentially) opposed to: *calls the kr3ml1n h4x0r bünk3r (actual official name) from the American Cyber Command (actual official name)*: Hello, we've got a massive self-replicating attack on our internal networked hospital equipment, much like the scenario we discussed a few months ago. We can't break the obfuscation, and IDA Pro gets eaten up from the inside by trying to analyze it, but you guys might have more luck with the binaries we've managed to capture. Also, some versions of the code communicates with a site in Russia - it's probably botnet nodes, but the "scary men in helicopters" protocol you spoke about using internally might work anyway. Not to talk about the difference in reaction speed between the two.
So you're the guy they hire to fill in where the script says [tech]!
Re: (Score:2)
Nukes for everyone? (Score:1)
"Cyber War" by Clarke (Score:2)
Richard Clarke in his book Cyber War calls for some of the same kinds of controls. He calls for banning attacks on civilians, especially the banking system. He also calls for arms inspectors and an obligation of nations to assist in finding the source of attacks that come from within their borders. He calls for a "Cyber War Limitation Treaty" that would also ban putting logic bombs in civilian infrastructure. I really liked this part of the book.
peace,
isaac
Re: (Score:2)
If you examine your sig, you'll see that it can't possibly be true:
rule number 1 of slashdot: ANY thread can be twisted into a bash of microsoft. no exceptions.
You appear to have focused on the second part, without realizing that some threads (and indeed, whole articles) start out as microsoft bashing, and therefore can only be twisted into something other than a microsoft bash, if indeed, they can be twisted at all.
Re: (Score:2)
Not to mention nuclear war REQUIRES the resources of a government. Who is to say that a government is or knows they are responsible for an internet attack?