Slashdot Mirror
US, China Face Mutually Assured Destruction In Cyberwar
chicksdaddy writes with a tidbit from the RSA conference. From the article: "A panel of security and policy experts speaking at the RSA Conference in San Francisco on Wednesday said that, despite dire warnings about the information warfare capabilities of China and other developing nations, the risk of an all-out cyberwar is remote, and that the U.S. still holds many of the cards. Rather than trying to deliver a knock-out cyberwar capability, the U.S. should embrace the Cold War notions of containment and mutually assured destruction with advanced nations like China and Russia. Tried and true methods to win security from cyberattacks include international diplomacy, multilateral agreements that clarify the parameters for peaceful and hostile cyberactions and — of course — a strong offensive capability."
Old fashioned diplomatic horse trading will also be a critical tool for avoiding conflict and stemming the kinds of economic and military espionage that have become common in recent years.
As I stated above, I feel that the "economic and military espionage" is largely coming from one or two perpetrators. China will simply agree to everything, take the bargaining chip (whatever it is) from the US and then continue to play dumb.
In fact, the country's leaders are anxious to hear the opinions of U.S. policy experts on what an effective cyber war doctrine and policy should look like.
Right, right, "Excuse me, what are the rules so I know how to toe the line but still remain in good standing with the UN ... er, screw them, the WTO?"
This gem was really humorous:
"We as a nation know what steps we need to take to reduce our risk in cyber space," said Lewis of CSIS. "We may not want to, politically, but we know what those steps are."
A hot topic of conversation now within policy circles, cyber war is likely to end up as just another weapon in the arsenal of the U.S., China and other advanced nations, said Lewis. "People will figure out how to use it."
People will figure out how to use it? Now get off your lawn? Buddy if you can't take the time to pick up the paper or turn on CNN and watch 15-year olds downloading point'n'click bots to be a part of Anonymous, you don't deserve the title of "Senior Fellow at the Center for Strategic and International Studies." Let me assure you, people do know how to use it. Ragtag groups of teenagers roving the globe can band together and effectively use it. I'm sure governments aren't as ignorantly bumbling to catch up like they want us to believe.
My work here is dung.
Something makes me think that they will take the rest of us with them . . .
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
Part of the problem with outsourcing all of our IT manufacturing is that we don't know what foreign agencies can kill with a single switch. It's only a part mind you, but enough that we in the US should be severely concerned with. No matter how good our hacking staff is, if the hardware they are hacking on is killed from a remote location.. well.. that pretty much ends the game.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Are we heading toward a cyberwar with real casualties, like this?
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Cold War 2.0 sounds like a great idea... ohhh wait... "Tried and true methods to win security from cyberattacks include international diplomacy, multilateral agreements that clarify the parameters for peaceful and hostile cyberactions and — of course — a strong offensive capability." And proxy wars (http://en.wikipedia.org/wiki/Proxy_war) to keep it "hot" enough... also the name fits better for the "cyber age" (puke).
While we're busy cyber-assaulting each other in our cyber-war, will the US continue evacuating its industrial base to China?
Whatever makes the warmongers in congress happy.
At least this way we're not sending young men to die needlessly.
What do I know, I'm just an idiot, right?
Unless it includes a actual nuclear attack option at some escalated point, its not really MAD. As painful as it is to lose the internet, and as much as it would harm our economy, etc; it could hardly be construed at total destruction of the nation.
"If you break our internet, we'll break yours" doesn't really carry the same weight as "if you break our internet, we'll nuke you into the oblivion."
Mechanic: Somebody set up us the bomb.
Operator: We get signal.
Captain: What !
Operator: Main screen turn on.
Captain: It's you !!
CATS: How are you gentlemen !!
CATS: All your base are belong to us.
CATS: You are on the way to destruction.
Captain: What you say !!
CATS: You have no chance to survive make your time.
If an attack does come from overseas, just turn off the pipes (power off whatever devices the physical undersea fibers connect to). The problem with this is that they are likely setting up a massive botnet within the target country that cannot be blocked by such a method. And we do see that the government tends to not care to shut down botnets, even now.
now we need to go OSS in diesel cars
Trivially, an attack can be stopped or at least contained by simply pulling the network plug. I can't envision a scenario where we'd "lose the internet". We might lose connectivity to some areas for awhile, but it's not like there's some timed self-destruct code buried in Cisco firmware that could be activated en-masse.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Hello? Is this thing on?
Scenario A)
Total annihilation of all mankind, including most living organisms, with the world taking many centuries to slowly recover
Scenario B)
Facebooks r down
Idiots like these are the main reason Americans are so vulnerable to online threats.
I have written about why cyberwar is a false analogy, so mostly I will just repeat myself:
we both have the same to loose. So if China decides that they can get by with just their intranet then deterrence doesn't work. Especially since the stakes for the US and rest of the world would be total economic collapse. Also concerning is the less one side understands about the technological concepts and repercussions the more likely ether side is start a cyber war. and we all know our decision makers are crack technologists. A least nukes mean the total end of the physical world, where no one is likely to exactly know what would happen if we erased the virtual one.
as to what policy think tanks or security professionals actually endorse the same concept that nearly murdered everyone on the planet throughout the cold war. and frankly, i dont blame them. MAD is a no-win outcome every time. if you dont believe me, pick a short wave radio and listen to the stations that still broadcast on russias "dead-hand" system.
for those of us who insist turning the power off is good enough, and we're seriously considering MAD here, you can expect the cyber war drummed up by the war hawks to include everything from the toaster in the breakroom not working to nuclear meltdown. most hospitals SCADA bridges and traffic control devices as well as financial institutions will also be in various states of complete and total uselessness. expect oil tankers to drift aimlessly in the pacific and everything from verizon to iridium to enjoy a feet-on-desk hiatus.
Good people go to bed earlier.
We could do that, or we could just not be stupid. If you want monitor a nuke plant online, do that read-only. All the actual control belongs in the plant. Ditto with power systems. Military systems, etc. Then China can DDOS FaceBook all it wants, and nothing of value was lost.
All we have to do is screen out the Chinese Internet connections by Satellite and Cable and it will be like nothing happened.
You don't think all those "disused" satellites in orbit are dead, do you?
-- Tigger warning: This post may contain tiggers! --
this parasite on society?
to paraphrase a commenter from some URL: Remember, you're a product, NOT a user.
Yours In Osh,
Kilgore Trout.
Who are these war mongering whores?
CAPTCHA: scheming
Oooh, did you mod me -1 from Mars? No? You *never* will! BAAHAHAHAHAHAHAA!!!
"Chinese hackers: No site is safe - CNN"
"Chinese hacking worries Pentagon"
"Pentagon hacked, Chinese Army suspected"
"China denies hacking Pentagon computers"
Join the Slashcott! Feb 10 thru Feb 17!
Obviously, you could take out parts of an enemies infrastructure using digital means, and that makes sense to create chaos during or before an attack and such. However, an exploit could just be usable one time in a very visible attack. Surely large countries may have a bunch of secret exploits against critical systems. However, after the attack the other side may recover, patch it, and potentially find the previous uses of it and what you did with it.
However, where digital attacks are really outstanding is intelligence gathering. I would bet that opposing forces would much rather keep most their digital attacks covert to be able to use them as long as possible for pinpoint hidden attacks against specific infrastructure and broad information gathering, rather than making a big attack that will force the opposing force to take very defensive security measures.
For pure destructive force there are a lot of different options already, and they work very well if they can go hand in hand with digital means.
This just in... fighting with each other is sub-optimal compared to cooperating with each other.
Now you don't even have to read TFA.
"Tried and true methods to win security from cyberattacks include international diplomacy, multilateral agreements that clarify the parameters for peaceful and hostile cyberactions and — of course — a strong offensive capability."
I don't get it. The simple solution for negating "cyberattacks" is pretty simple and 100% effective: pull the plug. If it's SO serious that you MUST do something about it, then the short-term economic effect of cutting off the national network from international traffic is no big deal. You take a little while to figure out where the intrusions are, purge the relevant systems, and only bring them up again when you're reasonably confident you won't have to cut things off again (worst case, you do cut them off again, and try again to purge it). And if it isn't so serious that you must do something drastic about it, then who cares, really? At most it's a matter of unwelcome espionage that you must try to ferret out. It's not some grand, wide-scale "cyberwar". What you can't solve with a good firewall you solve by an air gap. Problem solved. War over.
We're always talking about how intentional malicious activities on the Internet get routed around. Well, if there's a persistent threat from some part of the Internet with a malicious intent, then you cut off that part and don't re-connect to it until you have a technical solution. In other words, you route around it, and maintain connections to the countries that don't pose a problem. If you're at war with such a country, then cutting them off fits with long-term practice anyway. Internal problems with internal agents? You figure out who they are and use the standard wrench on them so *they* are cut off. And if an autonomous bot is doing all the damage, well, it shouldn't (yet) be able to outsmart actual humans hell-bent on stopping it, once its master is in jail.
Cyberwarfare does require a strategy of some kind, but many billions of dollars of investment? It seems like overkill.
Power plants, utilities, manufacturing companies, IT companies, public transportation, personal vehicles, prison security, your ISP, cell phones, communication satellites, it all stops working at once (or in a very short amount of time). Our frail human existence has become so dependent on technology to tell us what to do (or do it for us), that 99% of humans could not exist only on the "fat of the land". There would be chaos, followed by death. Ironically, it is only the most backward regions that would survive and continue to reproduce more humans.
LAST US/CHINA cyber war the usa wasn't so hated and had "allies"
NOW?
NONE. What few they have are the govt crappy "you got caught kind"
and many that would have helped might now either side with china OR sit neutral.
I for one will never help any american in a cyber war.
YOU interference in Canada and other nations will be your undoing....ENJOY
Chinese networking and systems hardware isn't "Made In America".
blindly antisocialist = antisocial
You will know when cybergeddon begins, because you will hear the screams of the women and children. When facebook, farmville, twitter, and pintrest go dark, the fifth horseman will have been unleashed. --pc
Just unplug the goddamn thing! Jesus Christ!
'Rather than trying to deliver a knock-out cyberwar capability, the U.S. should embrace the Cold War notions of containment and mutually assured destruction with advanced nations like China and Russia'
or maybe just maybe they should stop acting like children in a playground.
We can haz pork?
If you were blocking sigs, you wouldn't have to read this.
the US is very dependent on computer systems, where China still has villages that dont have running water.
Even if both were equal in dependency and in capability, there is a human disconnect from the cyber world, which is why many kids perform cyber pranks without any thought other than the fact that its fun. In other words, a massive Cyber exchanges is very likely to happen, and so its a mad idea to take on the philosophy of M.A.D.