US Cybersecurity Plan Includes Offense
z4ns4stu writes "Shane Harris of the National Journal describes how the US government plans to use, and has successfully used, cyber-warfare to disrupt the communications of insurgents in Iraq. 'In a 2008 article in Armed Forces Journal, Col. Charles Williamson III, a legal adviser for the Air Force Intelligence, Surveillance, and Reconnaissance Agency, proposed building a military "botnet," an army of centrally controlled computers to launch coordinated attacks on other machines. Williamson echoed a widely held concern among military officials that other nations are building up their cyber-forces more quickly. "America has no credible deterrent, and our adversaries prove it every day by attacking everywhere," he wrote. ... Responding to critics who say that by building up its own offensive power, the United States risks starting a new arms race, Williamson said, "We are in one, and we are losing."'"
No country would start a war with the USA. Not now or in twenty years. Just look at the USA's "defense" budget compared to the rest of the world _total_.
They're like "that survivalist guy with a whole basement full of guns, ammo, grenades and a rocket launcher or two". It'll be suicide to go up to his house with a BB gun and shoot at it.
If anyone wants to hurt the USA they'd have to do it more sneakily - so there's no obvious target for their nukes, cruise missiles, bombers etc.
Same goes for this "cyberwarfare" thing. A massive concerted attack from your country against the USA will just get you bombed.
The US media likes to make noise about China/<bogeyman of the day> launching cyberattacks on US servers. The fact is, if the Chinese Gov was really involved, the US Gov will just call the Chinese ambassador in, and say: "Hey stop that now". But really which government is going to do that? If my government wanted to start a war with the USA - cyber or otherwise, a real act of patriotism would be to shoot the idiot leader(s) who came up with that idea.
The attacks are mainly from a bunch of script kiddies or criminals. If the US Gov is really serious about reducing the attacks they should just go follow the money/control channels, and jail the people responsible if they're in the USA (won't surprise me if many are actually from the USA - after all Sanford Wallace is in the USA, and the BlueHippo thing was in the USA).
FWIW:
I remember reading, I think it was a decade or two ago, about a nuclear plant that had an internal network for just that reason. And total separation.
Then they hired a consultant to test or fix something, and that consultant brought in his computer and hooked it up to their network, but he needed some info that was kept on his company's site, so he also hooked it up to the main internet.
Well, the virus wasn't all THAT damaging, THAT time.
Separating the nets is VERY desirable. But if you really want to be safe, you need to also use different communication protocols. Different strings for local URIs, etc. Even a simple change would probably be enough, but even a simple change would be a tremendous hassle to implement.
Say you adopt the httq protocol instead of the http. Now you need to modify all the programs that expect http...because you don't want a rogue http link that sneaks in to be able to be processed. Quite a simple change... You'd want a series of changes at about that level of simplicity, and at all 7 levels of the protocol stack. Each one trivial.
Now try to run your MSWind software.... Whoops! All you can run is software that either doesn't depend on the net, or is specially crafted. This means OSS, and practically FOSS software.
(I suppose there might be simpler solutions, but every one I thought of I soon saw holes in.)
I think we've pushed this "anyone can grow up to be president" thing too far.