Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is Cyberwarfare Fiction?

Posted by CmdrTaco on from the hands-off-my-grid dept.

An anonymous reader writes "In response to calls by Russia and the UN for a 'cyberwarfare arms limitation treaty,' this article explains that 'cyberwar' and 'cyberweapons' are fiction. The conflicts between nation states in cyberspace are nothing like warfare, and the tools hackers use are nothing like weapons. Putting 'cyber' in front of something is just a way for people to grasp technical concepts. The analogies quickly break down, and are useless when taken too far (such as a 'cyber disarmament treaty').'"

17 of 205 comments (clear)

  1. Cyber warfare: FUD for vendors. by AnonymousClown · · Score: 1, Insightful

    I can disable the national power grids of half the countries in the world using nothing more than an iPhone

    And you need a guy there to knock out the backup generator.

    Please, knocking out the power grid or making all the red lights turn green or whatever they're afraid of is nothing like having a bullet penetrate someone or a bomb going off - it's almost impossible, if not impossible to kill someone by hacking into a computer.

    Shut something life threatening down or screw it up by hacking into it? There's backup or work around.

    "Cyber warfare" is a small threat and not worth all the time and money spent on it. We should be spending the effort on ground surveillance and other means to reducing life threatening issues.

    --
    RIP America

    July 4, 1776 - September 11, 2001

    1. Re:Cyber warfare: FUD for vendors. by jofny · · Score: 4, Insightful

      Please, knocking out the power grid or making all the red lights turn green or whatever they're afraid of is nothing like having a bullet penetrate someone or a bomb going off - it's almost impossible, if not impossible to kill someone by hacking into a computer.

      You're flat out incorrect here. First, not only can the power be shut off, but generators can be made to explode. Second, if you mess with the supply chain electronically, it's possible to do some really interesting stuff with medical supplies, parts for just in time manufacturing, etc. Could go on - but the overall effect is direct, substantial life threatening consequences.

    2. Re:Cyber warfare: FUD for vendors. by qortra · · Score: 4, Insightful

      whatever they're afraid of is nothing like having a bullet penetrate someone or a bomb going off

      I'm not confident that you fully understand the perceived danger on the part of world leaders. The issue is that people with an inordinately high ability to compromise computer systems might have access to information. Consider information like troop movements, secret bomb/nuclear supply facilities, infrastructure weak points, and financial information (account balances, passwords, etc). While compromising a system with this information may not kill somebody directly, the information could most certainly be used to kill many people, or perhaps to temporarily stunt or even cripple entire economies.

    3. Re:Cyber warfare: FUD for vendors. by ThunderBird89 · · Score: 4, Insightful

      Cyber-warfare is not about killing people, it's about killing the country.

      Think: no mains power, the backup generators can only sustain so much equipment for so long. Since the fuel pumps don't function either, you can't hop down to the gas station to buy some more fuel, and it will eventually run out. Then what? Production grinds to a halt, administration is disabled, communication services non-functional.
      All you need then is one act of terrorism. No ambulances, no firefighters, as nobody can call for help. If someone does make it to the hospital, no X-ray, no life-support, no vital monitors, no defibrillator.

      And this is just one scenario. Use your imagination!

      --
      Hyperbole: I use it liberally!
    4. Re:Cyber warfare: FUD for vendors. by rickb928 · · Score: 3, Insightful

      "Please, knocking out the power grid or making all the red lights turn green or whatever they're afraid of is nothing like having a bullet penetrate someone or a bomb going off - it's almost impossible, if not impossible to kill someone by hacking into a computer."

      What the hell are you doing on Slashdot?

      Turn all the traffic lights green in even a small part of Los Angeles, and I think it's likely someone will die in an accident caused, proximately, by the hacking of the traffic control system. Simple enough.

      Crippling a cell system might result in the failure of any number of people to make contact and deliver critical information, resulting in accidents, mistakes, lack of care, and those could result in needless deaths.

      If your definition of 'warfare' must include deadly force, then much of what we think of as 'cyberwarfare' doesn't meet that definition. Emptying bank accounts, DDOS attacks, defacing websites, etc. probably don't quite rise to the definition of deadly force. But I have only the one example of traffic control. Oh, another one - disabling at least some of the electrical grid seems to be possible, and blackouts can easily result in deaths.

      There's plenty of hype around 'cyberwarfare'. Now to listen to the hype around 'smart grids', and how people will feel when their refirgerators get turned off during the day, or the furnace runs continuously on 103 days. Or any number of interesting nuisances that aren't fatal (except for your plants, pets, and bed-ridden grandmother) but are sure a pain.

      Oh yeah. Grandma. She might not think it's to hot until she's too faint to reach the phone.

      Food for thought. Go smart grids, go!

      --
      deleting the extra space after periods so i can stay relevant, yeah.
    5. Re:Cyber warfare: FUD for vendors. by AtomicJake · · Score: 2, Insightful

      Those power plant generators have a ridiculously high cost and lead time, and if they do it right, you won't know who did it, so you'd be impotently waggling your spear at no one in particular.

      They also run on their own closed-circuit network, so good luck causing trouble without physical access or making yourself pretty obvious digging up the cables.

      Or find out that the closed-circuit network was not that close as you thought...

    6. Re:Cyber warfare: FUD for vendors. by PeterBrett · · Score: 2, Insightful

      They also run on their own closed-circuit network, so good luck causing trouble without physical access or making yourself pretty obvious digging up the cables.

      They also have fixed electromechanical failsafes. I think that most electrical engineers are sufficiently aware of the fact that computers go wrong not to put protection solely in the hands of software.

      --
      Pirate Party UK
  2. Re:The only new thing is the UN by Monkeedude1212 · · Score: 2, Insightful

    They are all FBI Agents.

  3. Warning, noobish question ahead. by Pojut · · Score: 5, Insightful

    One of the common claims regarding "cyber warfare" are attacks against the power grid. What I'd like to know is this: why is the power grid accessible to any outside system?

    --
    Living With a Nerd
    1. Re:Warning, noobish question ahead. by PolygamousRanchKid+ · · Score: 3, Insightful

      why is the power grid accessible to any outside system?

      Because using the Internet is way cheaper than building your own intranet.

      --
      Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
  4. Maybe not today but in the future. by elucido · · Score: 4, Insightful

    When millions of people in key positions have artificial hearts, limbs, microchips in their body, nanotechnology with RFID in their clothes, then cyberwarfare becomes something physical.

    If hackers can stop the artificial heart of somebody important, this is no different than assassinating the person.

    1. Re:Maybe not today but in the future. by easterberry · · Score: 2, Insightful

      No, it would be murder. I'm not sure how important you have to be to get 'assassinated' instead of just 'killed' but the line seems to be somewhere around viscount.

    2. Re:Maybe not today but in the future. by Opportunist · · Score: 2, Insightful

      You are aware that you're talking about people who put their private life in the hands of Facebook and the like, yes.

      But hey, maybe that's the cyber version of Mendelian selection.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. no different from other metaphors by csrjjsmp · · Score: 2, Insightful

    It is warfare in the same sense that computers think or ships swim. In other words, it really isn't, but it's a convenient metaphor to use because the truth is too complicated for the average person.

  6. It's a very useful fiction... by fuzzyfuzzyfungus · · Score: 5, Insightful

    The convenient thing about "cyberwar" as a slogan is how it allows you to extend the notions of "wartime" into virtually every nook and cranny of life and infrastructure.

    The term "cyberwar" quietly implies that virtually any net-connected system is a potential or actual combatant. From here, it's just a hop, skip, and a jump to applying military/wartime standards for such niceties as atttacking systems, or requisitioning access. Even better, since "cyberwar" is, for suitably nebulous definitions, something that occurs pretty much constantly, among a wide variety of state and nonestate actors, with various levels of covertness, the mandate covers basically everybody, everywhere, and is of unlimited duration(See also: "Global war on terror").

    Who needs bullshit like "warrants" or "due process" when any computer system can simply be declared to be an "enemy combatant" or "materially supporting an enemy combatant"? If you think the notion of charging an object in order to avoid procedural restrictions is absurd, be aware that it is already standard practice in the context of "asset forfeiture". (which makes for some rather ridiculous case names...)

  7. cyber is a dumb name but it is real by jollyreaper · · Score: 4, Insightful

    Sticking a stupid name on something and overblowing what it means isn't the same thing as it not existing to begin with. Computers are vulnerable. People who don't like us can exploit those vulnerabilities. But this is really just another arena of non-shooting conflict, all under cloak and dagger.

    The CIA has a long history of trying this sort of thing, sometimes successfully, many times not. There's directly funding revolutionaries, slipping agents into countries, running guns, sponsoring assassination attempts, economic sabotage, infrastructure sabotage, spying with human intelligence, electronic intelligence, satellite intelligence, etc. The CIA has a history of over-promising and under-delivering but this doesn't mean they won't still try.

    The Russians have traditionally been much better at running spy rings. The beauty of hacking is you don't even have to put your own assets in-country and risk their capture.

    On one hand, I don't think we'll ever get to the point where it can be Die Hard 4 info-Armageddon with hackers blowing up power plants at will. I think that public screwups will force a higher level of security and more rigorous design so that we are less vulnerable to external attacks. On the other hand, the BP fuckup shows that reason and logic are poor tools for explaining the behavior of large organizations. BP should have taken drilling seriously. They should have realized that they had no good plans for capping an uncontrolled well so if they were going to drill, the only option would be making sure they would never, ever, ever have an uncontrolled well. All the internal warnings they had in the months leading up to the disaster should have been their opportunities to stop the disaster before it happened. And we can see how it turned out.

    --
    Kwisatz Haderach
    Sell the spice to CHOAM
    This Mahdi took Shaddam's Throne
  8. ... in bed. by Zarf · · Score: 3, Insightful

    Putting 'cyber' in front of something is just a way for people to grasp technical concepts

    ... in bed.

    The analogies quickly break down, and are useless when taken too far

    ... in bed.

    --
    [signature]