Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Planning Response To a Cyber Attack

Posted by kdawson on from the one-less-cyber-cafe-in-Karachi dept.

We've all heard of Google bombing; the US Government may be taking the expression rather literally. Planning is now underway across the government for the proper way to respond to a cyber attack, and options on the table include launching a cyber counterattack or even bombing the attack's source. The article makes clear that no settled plan is in place, and quotes one spokesman as saying "the preferred route would be warning the source to shut down the attack before a military response." That's assuming the source could be found. From the article: "If the United States found itself under a major cyberattack aimed at undermining the nations critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source."

28 of 359 comments (clear)

  1. Bombs? That's ok... by Black+Parrot · · Score: 4, Insightful

    I didn't want those zombied servers anyway.

    --
    Sheesh, evil *and* a jerk. -- Jade
    1. Re:Bombs? That's ok... by Anonymous Coward · · Score: 5, Funny

      A few bombings ought to move people off Windows.

    2. Re:Bombs? That's ok... by anagama · · Score: 4, Interesting

      Finally a reason (aside from erroneous child porn prosecution) to do something about all those compromised machines. If people thought the police might bust down their door to stop their computer from doing illegal things, they might think about being more responsible. Considering the damage an unattended compromised pc can do, it really is surprising that people don't face liability. If you keep a dangerous instrumentality on your property, and it causes damage to others, you are liable for that if the harm is foreseeable. Considering how the news has been peppered with these stories about compromised pcs causing people problems(*), the harm is now foreseeable.

      (*) A total non-geek person I know brought up that AZ child porn case to me in conversation and mentioned she thinks her machine is probably compromised too.

      --
      What changed under Obama? Nothing Good
    3. Re:Bombs? That's ok... by paeanblack · · Score: 5, Insightful

      If you keep a dangerous instrumentality on your property, and it causes damage to others, you are liable for that if the harm is foreseeable.

      That is only true if all responsible parties are held to a reasonable level of accountability.

      If you found out that your oven was, without your knowledge, part of a local arson ring, you'd be pretty upset a being held accountable for the neighborhood damages. You'd probably blame Kenmore for making such a thing remotely possibly in the first place, since it has no connection with how or why you bought the oven in the first place.

      Until the hardware mfgrs, OS mfgrs, software mfgrs, and users are all held to roughly similar standards, you can't place all blame on the user.

      To put things a different way:
      -If 1% of your products cause widespread damage, then 1% of your users are idiots.
      -If 5% of your products cause widespread damage, then 5% of your users need training.
      -If 25% of your products cause widespread damage, then you are the idiot.

    4. Re:Bombs? That's ok... by StikyPad · · Score: 4, Funny

      True, but if 100% of your products cause widespread damage, you get a seat at the UN Security Council.

      --
      https://www.eff.org/https-everywhere
    5. Re:Bombs? That's ok... by cryocide · · Score: 5, Insightful

      Your scenario is a little off, since your oven can't walk out of the house and burn someone else's house down. Let's try a more realistic scenario.

      You buy a new drive-by-wire car. Then either of the following happens: You forego the option to park your car in a readily-available garage and a terrorist quietly breaks into it, or you simply take the car to a garage that you thought was reputable because of its professional-looking store front but was in fact a terrorist-run shop. Either way, they had their way with your car, installing hidden remote controls on the drive-by-wire system. Then they install a bomb using any available space, such as the empty body panels, inside the seats, etc. They can now damage or destroy any bridge they like, but you never knew what they did to your car, so you went on with life as usual. Then they did it to other owners' cars around town that were similarly vulnerable to compromise or social engineering.

      Now for the best-case-scenario version of the outcome. We'll assume that the bridge is unoccupied, so there is no human life lost when they take your car and all the other zombie cars on their final joy ride, but the bridge is damaged and has to be closed while its structural integrity is assessed. Meanwhile, traffic has to be rerouted or stopped altogether. People can't get to work. Goods can't be delivered. The general population is afraid that there will be another attack, possibly trapping them in their neighborhood.

      Now imagine that the cars were your computer and all the other zombie machines out there, the home garage was a simple NAT router or decent software firewall or the repair shop was a software package that contained malware, and the bridge was any major server or router that a decent-sized portion of the internet population relies on for day-to-day electronic transactions.

      Do you really think it was the car manufacturer's fault that you left the car unprotected, or worse, you handed the keys to an untrustworthy mechanic because he had a professional-looking shop? While I don't think the car's owner should be held criminally responsible, I think they unknowingly forfeited the car when they ignored their responsibility to keep it reasonably secure. Don't be surprised if the government starts fragging driverless cars once they've identified them.

    6. Re:Bombs? That's ok... by tsm_sf · · Score: 5, Funny

      Your scenario is a little off, since your oven can't walk out of the house and burn someone else's house down. Let's try a more realistic scenario.

      You buy a new drive-by-wire car.

      You can tell right there it's going to be a good analogy.

      --
      Literalism isn't a form of humor, it's you being irritating.
    7. Re:Bombs? That's ok... by CmdrGravy · · Score: 4, Funny

      throttle by wire is common Indeed, I believe it's know as garrotting.
  2. botnet by TheSHAD0W · · Score: 5, Funny

    I wonder what their response would be to the attack of a botnet. Carpet bombing, maybe?

    1. Re:botnet by Cyberax · · Score: 4, Funny

      Nuclear arms, of course :) The ultimate solution for spam and cyberattacks.

    2. Re: botnet by Black+Parrot · · Score: 5, Funny

      > I wonder what their response would be to the attack of a botnet.

      Good thing the story isn't on a DoD site, or Slashdot might get some retaliatory cruise missiles.

      --
      Sheesh, evil *and* a jerk. -- Jade
    3. Re:botnet by Hoi+Polloi · · Score: 4, Funny

      This is why I make sure all of my zombie systems are physically located in US government facilities.

      --
      It is by the juice of the coffee bean that thoughts acquire speed, the teeth acquire stains. The stains become a warning
  3. An option... by yourexhalekiss · · Score: 5, Funny

    That's an option that the Feds have that the average whitehat doesn't: calling in airstrikes against the DOSer.

  4. Military action is unlikely to be a solution by Space+cowboy · · Score: 4, Insightful

    In the event of a massive cyberattack against the country that was perceived as originating from a foreign source, the United States would consider launching a counterattack or bombing the source of the cyberattack, Hall said. But he noted the preferred route would be warning the source to shut down the attack before a military response


    There's a lot wrong with this. Off the top of my head...

    Any sustained attack on network infrastructure, on the scale that they're talking about, is almost certainly going to be a distributed attack. Botnets have no patriotic allegiance, their locality is a function of machine vulnerability (eg: N. Korea's dependence on Active-X), not politics.

    If I'm crafting an attack, I don't have to even tell the truth about my IP address, TCP allows the sender to specify a (fake) IP address. Obviously I won't get any replies, but I don't care if I'm simply out to cause damage

    Geolocation of IP addresses is pretty much a black art as well - there's far too much variability by IP address to try and localise to the precision needed for bombing the source. My hostip.infowebsite only attempted to locate to the /24 netblock, and even then only managed ~50% accuracy.

    Not to mention that it's a pretty big precedent to set... At least they're talking about talking, before bombing; the problem is that if you make a threat to bomb someone, you have to be prepared to carry it out. Countries can't afford to be seen to be bluffing when it comes to things like this, the impact on future negotiations is too high.

    Simon.
    --
    Physicists get Hadrons!
    1. Re:Military action is unlikely to be a solution by CRCulver · · Score: 4, Informative

      Botnets have no patriotic allegiance, their locality is a function of machine vulnerability (eg: N. Korea's dependence on Active-X), not politics.

      South Korea has a problem with banks etc. relying on Active X. North Korea has little computer use to speak of.

  5. spoof by brenddie · · Score: 5, Interesting

    So if we can spoof enough IP's we can get the USA to bomb any country of our choosing.... interesting.

    --
    The best test environment is production. - Me
    chrome://browser/content/browser.xul
    1. Re:spoof by ghstomahawks · · Score: 5, Funny

      What about a certain ranch in Texas ....?

  6. tilte confusing, google has nothing to do with it. by deft · · Score: 4, Insightful

    At first I thought the US government might be using it's PageRank power to make terms like "nuclear threat" bring up URL's like iran.gov (or whatever their whitehouse.gov correlary might be). In fact it was just a weak attempt to use the word bombing twice and mislead.

    Instead, the US is just aknowledging that attacks on it's internet infrastructure can be responded to just like physical attacks.... by military attack.

    Is anyone suprised that if one place was pinpointed as the source of the attack on any countries infrastructure it might be a target? I'm not. The net is more important than some buildings at this point.

    The only thing I'm suprised is to expect any attack to be from one place... I'd expect it to be distributed. But thats ok, we have bombs for that too. ouch.

    --

    There's nothing Intelligent about Intelligent Design.
  7. Uhh... woudln't just be easier... by thestudio_bob · · Score: 5, Funny

    Uhh... woudln't just be easier to bomb the source. It's not like we don't know where Micro$ofts head quarters are.

    --
    The real Sig captains the Northwestern. This one captains /.
  8. Slashdotted:No more submissions to .gov/mil sites by NZheretic · · Score: 5, Funny
    To Commander "Taco"
    Please cease and desist linking to site xxx.mil ( reacted ) or whitehouse.gov or else we will bomb you.

    Signed G.W. Bush.

  9. Scene from the War Room by mbstone · · Score: 5, Funny

    General, the bombers are ready to go and the cruise missiles are fully fueled. And our intel group has pinpointed the source of the attack. It's coming from 127.0.0.1 .

  10. Re:It doesn't matter where the attack in terms of by Anonymous Coward · · Score: 4, Insightful

    No, North Korea won't get bombed. They have got nuclear weapons, but they haven't got any oil.

    You can be quite sure, even now before the attack has started, that the intelligence will point to Iran being responsible. In fact, it is most likely that Iran will be have to be bombed before the cyber attack starts, in order to preempt it

  11. Re:denial of service by TubeSteak · · Score: 5, Funny

    Well, this has some great potential for denial of service attacks by forging the source of a cyber attack.
    The practical joker in me can't wait until someone forges an attack using the WhiteHouse.gov IP.

    OTOH, I suspect that the NSA & DoD aren't that stupid
    --
    [Fuck Beta]
    o0t!
  12. I think.... by Derek+Loev · · Score: 5, Insightful

    I think that we're all reading too much into this. The article is basically saying that if somebody is going to attack the US in a way that would be damaging to the country that US is prepared to retaliate...by any means necessary.
    I'm not sure if I agree with everything in the article but it is the Government's job to protect this country and there are a lot of businesses and people that demand on the internet. If some outside source could mess with this it would be devastating to the economy and the country...

  13. Redefines... by DimGeo · · Score: 4, Funny

    ... Internet Exploder... Click that link and you and your entire fraking town are history.

  14. I see it now by aschoeff · · Score: 4, Interesting

    Both the RIAA and the MPAA manage to insert sufficient language into some unrelated bill (ala what they tried with the Patriot Act) that authorizes preemptive strikes against p2p networks, saying that they could serve as massive distributed attack vectors against our nation's cyber-infrastructure.

    Flip forward a few weeks. I wake up on a typical Sunday like today and start up Azureus. Within a couple of minutes, a tomahawk cruise missile is launched from a regional military installation.

    The upside of my imminent demise is my last minutes will be spent mellowly and obliviously perusing mininova, seeing if anyone uploaded a torrent for that one episode of The Daily Show I missed last Thursday.

    If only I had stayed up past 10PM that night, I would never have brought this on myself.

  15. oh really - this is just hilarious by toby · · Score: 4, Funny

    When you're a country with a hammer, everything looks like a snowglobe, eh?

    --
    you had me at #!
  16. Re:Hell Yeah by Doc+Ruby · · Score: 4, Interesting

    The real way to look at it is that there was a successful terrorist attack a year into Bush's responsibility. And since then, Bush has achieved so many more terrorist goals than any little terrorist could on their own that there's little need. Including killing thousands more Americans, destroying our military, bankrupting our treasury and our morals. And most especially destroying our freedoms and sense of security by sowing massive terror every time Bush shows his face in public.

    If there had been another planebomb, you'd use that to justify Bush getting even tougher. Just like you're surely cheerleading Bush's current escalation in Iraq. You zombie Republicans are so predictable.

    No one believes that gibberish about fighting them there so we don't have to fight them here. Except maybe you, Anonymous Dick Cheney Coward.

    --

    --
    make install -not war