Slashdot Mirror
Military Appoints General To Direct Cyber Warfare
An anonymous reader writes news from The Guardian, excerpting: "The US military has appointed its first senior general to direct cyber warfare – despite fears that the move marks another stage in the militarisation of cyberspace. The newly promoted four-star general, Keith Alexander, takes charge of the Pentagon's ambitious and controversial new Cyber Command, designed to conduct virtual combat across the world's computer networks. He was appointed on Friday afternoon in a low-key ceremony at Fort Meade, in Maryland."
TFA doesn't seem to have any information on how General Alexander might be qualified for this position, and what his command will involve.
Here's hoping the guy actually knows something about cyber security, and isn't simply the management figure for actual security experts, or he could easily f*ck this up hard.
My other sig is clever.
Whoa, boy. You'd better be skeered. Most of the comm squad monkeys I knew never even touched computers before tech school.
Right arm, meet left arm. Hey, no...stop punching each other! Stop that....quit it!
Finally, if your AFSC dosen't begin with "2A", you are a weenie. Bonus points for 2A0XX, 2A3XX, and 2A5XX.
perhaps this guy will get major kudos for hacking the national debt clock back to zero.
he who controls the spice controls the universe
I guess someone has never heard of DARPA.
http://www.darpa.mil/
"The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
What goes around comes around. The ARPAnet was military. Now perhaps it may become so once again. (With apologies to Ash Wednesday in the Catholic Church for the subject line.)
Reverse the first and last name and you get this instead.
If the military used the Internet initially to store all their private information, but are getting cyberattacks now that the internet is public, why doesn't the military make Internet 2.0 where public citizens cannot get on. If they were in an Internet 2.0 that was impossible to get on from China, wouldn't that mean most hacks would stop?
God spoke to me.
Yes, the military can (and probably does already) have their own network. However, damage will be done to our country via the regular internet. Imagine if, one day, all the bank accounts in the country went to millions of dollars or to zero? The military is, hopefully, going to take care of those kinds of scenarios. We need a central command to handle such attacks.
Right now, it doesn't matter. He apparently knows how to use people who know more than he does. To me he proved that when he took out the honeytrap site (stupid move, but whatever).
From TFA:
This is the key point. Unfortunately the Federal government is SUPPOSED to move slow. The unfortunate part of that is something like cyberwarfare will always outstrip even the ability of a state government (with the assumption being that state government is meant to move quicker to respond directly to the needs of it's people) to make policy governing its use.
Soooooo....*shrugs*
I'm kind of torn on this. Let the government grind slowly away at policy like it should, or enable them to make snap, on-the-fly decisions with far-reaching ramifications. No matter what you choose, it's the wrong answer.
"There is a way that seems right to a man, but its end is the way of death." Proverbs 16:25 (NKJV)
All that goldfarming has to stop.
If you mod me down the terrorists will have won
The Chinese are sending zerglings! Mass up some marines and counter-attack!
Should his last name be Connor?
It's called SIPRNet. There are others too, JWICS, NSANet, and so on. They are internets (small i) in every way. However, they don't interact with the public Internet (big I). It is how they keep classified data separate. It seems to work quite well. At the very least there's never been a break in to them that has been revealed.
However, that doesn't mean there's nothing of importance on the Internet. It's not all just geeks chattering and LOLcat pictures. For example ATMs operate on the Internet these days. Heavily encrypted to be sure, but still. Companies make use of it for important business reasons. There are probably control systems for infrastructure on the net, and so on.
So, the government has an interest in making sure it work well. That would include being able to deal with a cyber attack. After all, protecting classified data does little good if the the infrastructure of the US is taken out. The government itself is only useful in so much as it can govern and protect the country.
Reasons like this are why things like AES exist. When the NSA was started, it was just a signals intelligence agency. Intercept communications, break codes, etc. While that's still a massive part of what they do, they were also instructed to work on securing the nation's computers. That was what lead to things like DES and AES. The government wanted businesses to have good crypto. Seems like they are serious too, AES has been analyzed for years, and remains extremely strong.
Same kind of shit here. They want to figure out how to protect important things on the regular Internet from attack. They are also probalby interested in counter attack capability. After all, other countries rely on the Internet too. Could be very useful in warfare.
Good defense starts with having lots and lots of contingency plans.
I am the very model of a modern Cyber General
I've information secretive and knowledge technological
I know my way around the tubes and quote the cryptological
From Adi, Bruce and Len to Ron in order alphabetical!
A story a couple of months back about US Cyber War said they were no good at it and would lose. I'm hoping my brain implant is from aliens instead of the States or that's probably not true. It's very sophisticated
Look for these things around 2015 or so if this is a field-test. If it's aliens, I think we're gonna have 2012
"...despite fears that the move marks another stage in the militarisation of cyberspace." Isn't that totally a tautology? "The military using the internet marks another stage in the militarization of cyberspace! Egad!" Um, duh. I'd be more concerned with the consequences of militarizing cyberspace, than with the fact that cyberspace is being militarized.
For some reason, reading the post, I got a mental picture of a pimple-faced, gangly teenager, in a green dress-uniform that is about 6 sizes too big for him. He's swimming in it, looks awkward, and the only thing he's wearing that fits is his black horn-rimmed glasses, complete with the ad-hoc masking-tape bridge repair above his nose. This man, with his comically oversized uniform, is going to be in charge of protecting us from cyberterrorists, cybercriminals, cyberdecipticons, cyberrabidpitbullswithaids, cybersharkswithfrickenlaserbeamsattachedtotheirheads, etc. I feel safer already.
The Internet is a network of networks of computers. It's not a military playground, and just because DARPA were involved in the creation of it doesn't make it American property.
Anything of critical importance such as military kit, medical kit, power, gas, and water infrastructure should not be on the Internet at all.
Nice story but Feynman is too modest here (or pretends to be on purpose?). Given how smart that guy was and given that he had a very practical view on things it is very, very likely that most of the things said were valuable contributions.
Not because he knew stuff about logistics but because he was one of the smartest people on earth. You simply want some of those in your meetings.
...against spammers.
On the other hand, maybe the military's of the world will get busy enough with the battles in cyberspace that they do less damage in the real world.
I'm sure virtual PTSD is easier to deal with.
What could happen in cyberspace that can't be solved by turning off the machines?
DARPA wasn't just INVOLVED in it's creation. I think you're missing the point though. If some other country with less "visibility" routes resources and creates a program for internet-based attacks, they don't have to be so forthcoming. If the US Government routes funding that's not in a "black" op and create a new Cyber Warfare Division without announcing it, someone SOMEWHERE is going to whip out an "OH NOES!!! SNEAKY BLACK PROJECT!!!" and it'll look like one. This way, they're out in the open.
I agree with your statements and sentiments. Unfortunately, the militarization of the internet has been happening for a while. We're just late (officially) to the party.
Sig not found.
cyber warfare refers to the use of internet to attack someone with computer virus or to acces computer security to steal commercial info to sell it to competitors, the cat and the mouse are out there . Canon SD3500IS
The NSA is an intelligence agency, I assume this means their primary purpose is to collect information. They might hack into a computer, but that would be to the purpose of obtaining information. The military is supposed to conduct offensive operations. Things like breaking into computers running dams or the electric grid to disable them. Psychological warfare by breaking into Web sites and changing what they show. Spreading disinformation into enemy communication channels.
Basically, this is probably about doing low level nasty things when the situation doesn't call for an all out shooting war, and making sure an enemy can't trust his networked computer systems in case of an all out war. I'm pretty sure the US isn't the only one doing this.
-- Support a free market in the field of government
Anything of critical importance such as military kit, medical kit, power, gas, and water infrastructure should not be on the Internet at all.
You're right. It shouldn't. It should use its own infrastructure, not connected to the Internet or the telephony network. Except for two problems:
1. Any custom network is going to be smaller and have less redundancies. There might be a failsafe to revert to a VPN, in case the dedicated network is down. Which it might be, in the case of war, due to either electronic warfare or bombardment. The military's job is to plan and train for nasty situations. Including "how to make a bad situation worse".
2. Pointy haired bosses and government incompetence are not unique to the west. Just because something should be done securely doesn't mean that it is. If an enemy makes a mistake, it would be stupid not to exploit it.
-- Support a free market in the field of government
What country will you attack when an independent group screws with a bank?
Under international law, the country which allowed the independent group to operate out of its territory. If the country isn't capable of policing its own territory, we have the right to defend ourselves by policing it ourselves. Otherwise, it would be too easy for governments to shrug and say "we didn't do it, it's not our fault that those terrorists happen to have stolen military supplies from our base, and recruited people who used to be our soldiers".
But just because somebody who we think works for the Chinese government brought down our banking system for a few days, we don't want to start a shooting war with China, which would have a death toll in the millions. So instead, we make sure we have the capability to mess with them at the same level.
-- Support a free market in the field of government
The OP mentioned "the militarisation of cyberspace". Gee, didn't cyberspace BEGIN in the military?
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
I've been reading "cyberwar" by Richard Clark. He didn't have anything bad to say about the guy in the story, except that he was the only person willing to take a (pretty much identical) position, that Clark had himself vacated. According to the book the US is actually very very good at cyber attack. But he also says that businesses, he specifically calls out Microsoft, have lobbied extensively, not just to have the government look the other way from their bugs, and keep using their software, but to not regulate security for private business. DHS protects .gov, this cyber thingy protects .mil. No one protects .com and .org. None of the companies want to have security regulations placed on them (including power grid, and financial systems), and neither the previous administration or this one wants to force them. I'm generally against regulation and consider it a bad thing (tm), (its like my department noting they are going to hire more managers, again), but he does make a compelling case. The guys (apparently a very small group) he spoke with at blackhat apparently were persuaded as well, though they (and he) are worried about what sort of oversight is needed, to prevent privacy and worse abuses. Its all well and good to force ISPs to disconnect people detected to be part of botnets until they get their machine cleaned, but false positives that correlate strangely with unpopular opinions on the websites is a truly frightening idea. On the other side, who can argue that FDIC insured banks don't have an obligation to keep the insured money safe per the guidelines of the insurer?
refactor the law, its bloated, confusing and unmaintainable.
Technically the militarization of the Internet began in the '70s: "in July 1975, the network had been turned over to the Defense Communications Agency, also part of the Department of Defense." (http://en.wikipedia.org/wiki/History_of_the_Internet#ARPANET_to_several_federal_wide_area_networks:_MILNET.2C_NSI.2C_and_NSFNet). Also technically nobody CAN own the Internet. Finally, everyone has a right to defend their part of the network. If you think it hasn't been militarized until now then you should go back to playing with your Lincoln Logs.
The Kobayashi Maru kicked his ass, but that's to be expected I suppose.
Say hello to my little sig.
Don't they understand there are industrial-strength nerds running all these Internet backbones? Just have a phone conference and start shutting stuff off. Ports, messages with certain content. Particular computers that are sending that content. They're probably way ahead of the military already.
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
WE SALUTE YOU!
Boredom is bliss.
If you chose to connect your network to a pre-existing military network, that's your mistake.
Welcome to the Panopticon. Used to be a prison, now it's your home.
"Hypocrite! First get rid of the log in your own eye; then you will see well enough to deal with the speck in your friend's eye."
The good old US of A is the leading spam generating country by May 24, 2010: http://www.spamhaus.org/statistics/countries.lasso . It's got on the first place spam-wise in the world.
As far as I know the US army cannot act on the territory of the United States. But the spam is destroying our businesses. Colleagues have to spend a lot of time to deal with spam. Even filters do not help anymore.
It it the police, not army, who has to deal with cyber criminals. And also there is a role for Interpol and ITU.
A state gov that inacted legislation to protects its state interest and enforce existing laws would face Federal scrutiny and charges of racism and/or racial profiling.
Just ask Arizona.
I propose target practice on all the spammers, scammers and malware providers, in the world. They can self-assess by running out of targets.
PTSD suffers from you!
Wait, let me try again...
PTSD in cyberspace involves pasty skin and no social life beyond Facebook.
Yes, because self-denial of service is the best answer to the problem.
Please help me... Is there a cyber war? Yes, sure there are some people trying to use internet to steal information from governments, even other governments hiring people to do so... Is that the so called "cyber war"?
If so it just makes no sense generals commanding "cyber troops" and stuff... Just hire some decent and reliable programmers (and, mostly, hackers) to find and fix bugs in the system... Also I remember seeing something about a "simulated cyber attack"... What could this be? any flaw discovered would be reported and fixed, so what was that, a ddos attack? ddos also doenst make much sense, there is pretty much no way to protect from ddos, the one with higher bandwidth "wins"...
Well, anyone can explain me what is the so called "cyber war"?
u know, i always wanted to know how they sync
all those generators across the country to those
50 Hz, or 60Hz, id you're in the U.S.A.
controversial new Cyber Command
Skynet sound familiar to anyone?
... to evaluate what threats there are to Amerca's infrastructure via the Internet, and what is involved to counteract that.
A lot of that may involve encouraging other parties to "pull finger", as some of the necessary policies and law changes would be outside his scope.
In World War II the RAF was responsible to defend Great Britain from German Bombers, but civilians had to play their part by complying with blackout regulations. Also many other facets of government had to be involved.
So to with Cyber Security, it is beyond the capability of the most funded and competent miltitary to carry the burden by themselves.
Disrupting America's electricity distribution grids would be easier, more cost effective, and quicker; than attempting to use conventional munitions, which would need to delivered by aircraft and/or rockets.
Early warning and accuarate estimates of any attack in progress, and the capacity to respond in a timely and appropriate manner would also be high in priority.
Unfortunately, it is probably politically impossible to ban the use of Microsoft systems being connected directly to the Internet. Even if that could be done, there is still the problem of infected memory sticks left in parking lots...