US, China Face Mutually Assured Destruction In Cyberwar

← Back to Stories (view on slashdot.org)

US, China Face Mutually Assured Destruction In Cyberwar

Posted by Unknown on Thursday March 1, 2012 @06:46AM from the bad-movie-plot dept.

chicksdaddy writes with a tidbit from the RSA conference. From the article: "A panel of security and policy experts speaking at the RSA Conference in San Francisco on Wednesday said that, despite dire warnings about the information warfare capabilities of China and other developing nations, the risk of an all-out cyberwar is remote, and that the U.S. still holds many of the cards. Rather than trying to deliver a knock-out cyberwar capability, the U.S. should embrace the Cold War notions of containment and mutually assured destruction with advanced nations like China and Russia. Tried and true methods to win security from cyberattacks include international diplomacy, multilateral agreements that clarify the parameters for peaceful and hostile cyberactions and — of course — a strong offensive capability."

32 of 110 comments (clear)

Min score:

Reason:

Sort:

In My Opinion, One Horrible Analogy by eldavojohn · 2012-03-01 06:47 · Score: 5, Insightful

Cyber-war and cyber-security and cyber-whatever you want to call it is not like nuclear war. Cyber-warfare is happening now and governments responsible for it (and I'm sorry for sounding so biased but this is largely the Chinese) are denying they're attacking anyone. And they can do this because a large number of attacks don't cause immediate harm to the victims. Nobody was launching nuclear missiles (or allowing another nation to launch nuclear missiles on their soil) during the cold war and then saying "Wow, *cough* *cough* I have no idea who launched those missiles!" But time and time again we see "attacks" from Chinese IP addresses and the Chinese government saying "Help us catch these criminals, *snicker*, they are too wily for we, the stupid Chinese who manage to control our populace with a giant firewall but can neither detect nor trace these attacks from within our borders."

Old fashioned diplomatic horse trading will also be a critical tool for avoiding conflict and stemming the kinds of economic and military espionage that have become common in recent years.
As I stated above, I feel that the "economic and military espionage" is largely coming from one or two perpetrators. China will simply agree to everything, take the bargaining chip (whatever it is) from the US and then continue to play dumb.

In fact, the country's leaders are anxious to hear the opinions of U.S. policy experts on what an effective cyber war doctrine and policy should look like.
Right, right, "Excuse me, what are the rules so I know how to toe the line but still remain in good standing with the UN ... er, screw them, the WTO?"

This gem was really humorous:

"We as a nation know what steps we need to take to reduce our risk in cyber space," said Lewis of CSIS. "We may not want to, politically, but we know what those steps are."

A hot topic of conversation now within policy circles, cyber war is likely to end up as just another weapon in the arsenal of the U.S., China and other advanced nations, said Lewis. "People will figure out how to use it."
People will figure out how to use it? Now get off your lawn? Buddy if you can't take the time to pick up the paper or turn on CNN and watch 15-year olds downloading point'n'click bots to be a part of Anonymous, you don't deserve the title of "Senior Fellow at the Center for Strategic and International Studies." Let me assure you, people do know how to use it. Ragtag groups of teenagers roving the globe can band together and effectively use it. I'm sure governments aren't as ignorantly bumbling to catch up like they want us to believe.

--
My work here is dung.
1. Re:In My Opinion, One Horrible Analogy by sixtyeight · 2012-03-01 07:07 · Score: 2
  
  I'm sure governments aren't as ignorantly bumbling to catch up like they want us to believe.
  Of course not. But publicizing the domestic use of drones over U.S. cities and Jay Rockefeller going balls-out to stifle internet free speech doesn't make for particularly good press. So they do this instead; it worked wonders for George Bush, Jr.'s career. Why mess with perfection?
  
  --
  The Wolfpack Project: BitCoin + Crowdfunding = Political Accountability
2. Re:In My Opinion, One Horrible Analogy by GameboyRMH · 2012-03-01 07:30 · Score: 4, Insightful
  
  The other problem is that in "cyber war" there are no laws of physics to ensure that the rules of kinetic destruction apply. Certain targets can be practically indestructible. Basically MAD only works if both parties are horribly incompetent at computer security and plan to keep it that way.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
3. Re:In My Opinion, One Horrible Analogy by roc97007 · 2012-03-01 07:31 · Score: 3, Interesting
  
  > I'd hate to see something that worked poorly.
  Wait a year.
  
  --
  Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
4. Re:In My Opinion, One Horrible Analogy by Bengie · 2012-03-01 07:39 · Score: 4, Funny
  
  I envision ping -t attacks and Minecraft griefing. Possibly a World of Warcraft arena team to take out pesky Chinese farmers. Maybe the US government is going to get into EveOnline and is going to all out attack the Chinese players.
  Really.. wtf is "mutual destruction" in relation to a "Cyber-war"?
5. Re:In My Opinion, One Horrible Analogy by Anonymous Coward · 2012-03-01 07:45 · Score: 3, Insightful
  
  Anonymous isn't cyber war. It's hacktivism.
  The distinction is drawn by the damage level. If the destruction is comparable with attack vectors classically associated with traditional warfare then that's when it crosses the line. For the most part, this doesn't seem to have happened yet.
6. Re:In My Opinion, One Horrible Analogy by tomhath · 2012-03-01 07:59 · Score: 4, Insightful
  
  Cyber-warfare is happening now...
  You seem to be confusing cyber-espionage (which is happening) with cyber-war (which would involve disrupting most financial transactions, journalism, etc.). You wouldn't get a tweet that cyber-war started because that would be one of the first sites taken down.
  The closest we've seen to cyber-warfare is the STUXNET virus; it want far beyond the capabilities of script kiddies running downloadable bots.
7. Re:In My Opinion, One Horrible Analogy by Kamiza+Ikioi · 2012-03-01 08:09 · Score: 4, Insightful
  
  Not only that, but with a nuclear bomb, you can see it coming. You can see where it came from. You know who sent it. And you can fire back appropriately. Chinese hackers can attend American colleges, and attack from our own soil, and we have no way of knowing where or who it came from, if they're really good at it, that is.
  
  --
  I8-D
8. Re:In My Opinion, One Horrible Analogy by khallow · 2012-03-01 08:19 · Score: 2
  
  You seem to be confusing cyber-espionage (which is happening) with cyber-war
  
  There can be a pretty fuzzy line between traditional espionage and war as well. For example, in the case of Stuxnet, it was accompanied by assassinations, all to take down what would be a valid military target in a war.
9. Re:In My Opinion, One Horrible Analogy by 10101001+10101001 · 2012-03-01 08:24 · Score: 2
  
  But time and time again we see "attacks" from Chinese IP addresses and the Chinese government saying "Help us catch these criminals, *snicker*, they are too wily for we, the stupid Chinese who manage to control our populace with a giant firewall but can neither detect nor trace these attacks from within our borders."
  With no intent to excuse or defend the Chinese government, but isn't that pretty much the quid pro quo the US and the USSR/China has had for ages? I mean, if the situation was reversed, how quick would the US government be to track, arrest, and possible extradite a US hacker? This, btw, is one reason why I find the situation with the Afghanistan War so absurd.*
  *Yea, this seems like quite a detour, but hear me out. Put simply, Afghanistan has its own self-interests which often include looking the other way when it might give a perceived international enemy a bloody nose. The US has, I'm certain, done the same thing in reverse--although admittedly it never rose to the level of killing thousands of people at once, just usually less than thirty at a time over years, often overtly, and sometimes in the form of lobbing a cruise missile at a "terrorist base" that turns out to be a factory. That the US should then pull a "you're either with us or against us" then becomes rather absurd on its face, especially considering how the US has remained incredibly silent about places like China which clearly isn't "with us" except in the most generic sense of being perfectly willing to crush and kill perceived enemies of the government--note, not the people. Btw, yes, this means I agree with the poster below that says this is more cyber-espionage than cyber-war. If China wanted to cripple the US in a cyber-war, there'd be a pretty severe real-war retaliation. That's the only part of MAD keeing the US safe. It certainly isn't the US having excellent cyber security.
  
  --
  Eurohacker European paranoia, gun rights, and h
10. Re:In My Opinion, One Horrible Analogy by OeLeWaPpErKe · 2012-03-01 09:08 · Score: 2
  
  Something people really should start learning about espionage and computer security. If the enemy is really good, you'll never even realize there is an enemy. You'll just be outwitted miraculously at every turn in a conventional setting.
  It'll look more like a Kasparov versus the neighbor kids chess game than anything else.
So only the US and China get Cyber-Destructed? by PolygamousRanchKid+ · 2012-03-01 06:50 · Score: 4, Interesting

Something makes me think that they will take the rest of us with them . . .

--
Schroedinger's Brexit: The UK is both in and out of the EU at the same time!
1. Re:So only the US and China get Cyber-Destructed? by gox · 2012-03-01 07:11 · Score: 2
  
  Exactly. And who's to say that they won't have a mutual interest in destroying the Internet at one point?
2. Re:So only the US and China get Cyber-Destructed? by GameboyRMH · 2012-03-01 07:49 · Score: 3, Funny
  
  You find the giant Linksys router in the secret government facility and pull the plug on it.
  
  --
  "When information is power, privacy is freedom" - Jah-Wren Ryel
3. Re:So only the US and China get Cyber-Destructed? by Dunbal · 2012-03-01 07:50 · Score: 2
  
  The internet has already been destroyed as far as I am concerned. There was a brief moment in the early 1990's where the sky was the limit and useful content was relatively easy to find. Now it has devolved into an endless and mindless recycling of garbage, all 100% optimized to make it at or near the top of the search engine pages. Some of this recycling is even done by bots. A lot of it is done by humans plagiarizing the same crap over and over. Occasionally, after about an hour's work, useful content can be found. Surely it used to take me less time to drive to the library and look stuff up on index cards?
  And finally nearly everything is behind a paywall because, you know, the internet ain't free. We're all paying the telco tax of course but hey, it ain't free (read this as "I deserve a fucking cut too"). So if you don't have to pay because of a paywall, you have to pay through outright intrusion into your computer system (but don't worry, no PERSONALLY identifiable information will be shared) or even in the case of "social networking" sites, intrusion into your personal life.
  Forums are just buffet troughs for trolls. Multi-player games are just one big grief-fest. And everything seems to be all about tricking you into clicking that useless link, a trick that used to be reserved for porn sites.
  
  --
  Seven puppies were harmed during the making of this post.
4. Re:So only the US and China get Cyber-Destructed? by roc97007 · 2012-03-01 08:36 · Score: 2
  
  That's funny. It reminds me of a company I worked for, where the network architect thought it'd be a good idea to plug all the company's internet connections into a single Wellfleet. As I recall, after about the fourth time it went south and took the entire company offline, he was invited to resign.
  
  --
  Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
5. Re:So only the US and China get Cyber-Destructed? by jafiwam · 2012-03-01 09:57 · Score: 3, Interesting
  
  I might start with a few ships dragging anchors through the fiber to China. Follow it up with a few ships threatening the same to India if they route Chinese traffic over land. Of course, that would be treated like an act of war (it is), however, I don't see the Chinese as the protagonists on this, we don't attack their shit aggressively and constantly but their great firewall has the capability to stop outgoing attacks and they seem to not bother or even encourage it.
  It would be relatively easy to drastically reduce or completely cut of China by physically destroying the network. They'd have to use operatives or proxies that were pre-located elsewhere on the planet, which takes their "there's billions of them!" advantage down most of the way.
  Hell, half of Africa was shut off accidentally a couple days ago.
  Anybody with any brains already has most of the Chinese netblocks killed at their firewall anyway. For my stuff, the Chinese are a zero signal to noise ratio. Know what else NOBODY NOTICED.
  There's already a war going on, the Chinese host a lot of compromised machines and initiate a lot of attacks already.
I don't agree by s.petry · 2012-03-01 06:50 · Score: 4, Insightful

Part of the problem with outsourcing all of our IT manufacturing is that we don't know what foreign agencies can kill with a single switch. It's only a part mind you, but enough that we in the US should be severely concerned with. No matter how good our hacking staff is, if the hardware they are hacking on is killed from a remote location.. well.. that pretty much ends the game.

--
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
1. Re:I don't agree by SuricouRaven · 2012-03-01 07:35 · Score: 4, Interesting
  
  If I were a Chinese intelligence expert tasked with meeting this challenge, I'd place my killswitch in the offload engine of network interfaces. Just have to get the chip fabs in China to switch their masks for slightly modified ones, with a tiny bit of extra circuitry on the silicon. It'd look for a specific sequence of 16 bytes in the packet (Putting it in the offload engine ensures it won't inadvertantly break routers en route - at worst you'd knock out a web proxy instead) and, upon detecting them, short every data line on the PCIe interface to ground (or +5v) in the hope of frying the northbridge, or at least crashing the system. Now you've got a simple but effective killswitch. Good for exactly one major use before it's discovered and the trigger blocked, but one use should be quite enough - when the war goes serious, the ability to crash half the US internet will provide many hours of disruption. Enough to cover a first strike. Alternatively, it could be used to quietly fry the webservers of dissidents or proxies - so long as you don't try to hit too many at once, it'd look like nothing more than a failed mainboard and never be detected as a deliberate attack.
  
  You could use it as an ECM system - respond to hacking attempts with a packet containing the kill-code - but if you do that consistantly they'll eventually realise something is going on and start replaying packet dumps until they find the cause.
2. Re:I don't agree by s.petry · 2012-03-01 10:35 · Score: 2
  
  As someone else showed, it does not take a lot in terms of logic. A network interface has to open packets, and a logic circuit to look for a specific string in a packet and die if it finds it, or worse simply repeats that packet on a broadcast to all known addresses can shut people down for a long time. A smidge more code, and we have the packet locked in a buffer so even after a power off/on the card no longer works.
  Could China or Korea add such a chip to a NIC that is sold only overseas? Most likely, or they could run firmware to change their devices. Malicious code is not extremely complex to write. The millions of script kiddies plinking away at Winders systems should be proof enough of that.
  
  --
  -The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Up the stakes by ch-chuck · 2012-03-01 06:53 · Score: 2

Are we heading toward a cyberwar with real casualties, like this?

--
try { do() || do_not(); } catch (JediException err) { yoda(err); }
1. Re:Up the stakes by Dunbal · 2012-03-01 07:54 · Score: 2
  
  Governments have never cared about people. They care about power. They get power by pretending to care about people.
  
  --
  Seven puppies were harmed during the making of this post.
Cyberwar? *yawn* by JustAnotherIdiot · 2012-03-01 07:07 · Score: 3, Interesting

Whatever makes the warmongers in congress happy.
At least this way we're not sending young men to die needlessly.

--
What do I know, I'm just an idiot, right?
1. Re:Cyberwar? *yawn* by Dunbal · 2012-03-01 07:58 · Score: 2
  
  Rofl yeah that makes a difference. A vote. You must be clueless if you haven't realized that the status quo is maintained no matter which political party is in power. The "vote" makes no difference. The only difference would be if you ran for office yourself, and even then you get caught by international treaties which override your puny national vote. And if all else fails, the person in power can simply ignore your vote. All of the above has happened, and is happening right now.
  
  --
  Seven puppies were harmed during the making of this post.
Turn off the pipes by Skapare · 2012-03-01 07:26 · Score: 4, Informative

If an attack does come from overseas, just turn off the pipes (power off whatever devices the physical undersea fibers connect to). The problem with this is that they are likely setting up a massive botnet within the target country that cannot be blocked by such a method. And we do see that the government tends to not care to shut down botnets, even now.

--
now we need to go OSS in diesel cars
So what does MAD mean in this context? by roc97007 · 2012-03-01 07:29 · Score: 4, Informative

Trivially, an attack can be stopped or at least contained by simply pulling the network plug. I can't envision a scenario where we'd "lose the internet". We might lose connectivity to some areas for awhile, but it's not like there's some timed self-destruct code buried in Cisco firmware that could be activated en-masse.
...Is there?

--
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Cold War: past and present by forgottenusername · 2012-03-01 07:37 · Score: 2

Scenario A)
Total annihilation of all mankind, including most living organisms, with the world taking many centuries to slowly recover
Scenario B)
Facebooks r down
They are the reason you are losing the "cyberwar" by Hentes · 2012-03-01 07:41 · Score: 3, Informative
Idiots like these are the main reason Americans are so vulnerable to online threats.
I have written about why cyberwar is a false analogy, so mostly I will just repeat myself:
- There is no warfare, it's just a new method of espionage.
- There is no mutually assured destruction: cybersabotage is anonymous, thus you can't counterattack, and even if you could, an all-out attack would still not be enough for complete destruction. Cyberespionage is a slow game, to seriously disrupt a target infrastructure you would have to research it for years. And while you theoretically could try to collect vulnerabilities and then exploit them all at the same time in a single strike, it's not really feasible as systems get upgrade from time to time, and you collection would get obsolete after a while. In this conflict you have to grab an opportunity when you have one, a single devastating strike isn't practical.
- Also, destruction in this sense is a huge exaggeration, you can't do serious (compared to a real war) harm from the internet.
- The source of an attack doesn't have to be a nation, it can be anyone with an internet connection, which combined with anonymity makes diplomacy worthless.
- The only true method that works is to secure your fucking systems, and run regular whitehat tests (or, in their words, "cyberwargames") to identify possible vulnerabilities.
Doesn't this only work when... by softWare3ngineer · 2012-03-01 07:42 · Score: 2

we both have the same to loose. So if China decides that they can get by with just their intranet then deterrence doesn't work. Especially since the stakes for the US and rest of the world would be total economic collapse. Also concerning is the less one side understands about the technological concepts and repercussions the more likely ether side is start a cyber war. and we all know our decision makers are crack technologists. A least nukes mean the total end of the physical world, where no one is likely to exactly know what would happen if we erased the virtual one.
This is false, we control the links by WillAffleckUW · 2012-03-01 08:11 · Score: 2

All we have to do is screen out the Chinese Internet connections by Satellite and Cable and it will be like nothing happened.
You don't think all those "disused" satellites in orbit are dead, do you?

--
-- Tigger warning: This post may contain tiggers! --
China will kick ass and chew bubblegum by sl4shd0rk · 2012-03-01 08:52 · Score: 2

"Chinese hackers: No site is safe - CNN"
"Chinese hacking worries Pentagon"
"Pentagon hacked, Chinese Army suspected"
"China denies hacking Pentagon computers"

--
Join the Slashcott! Feb 10 thru Feb 17!
Made in....? by sociocapitalist · 2012-03-01 10:53 · Score: 2

Chinese networking and systems hardware isn't "Made In America".

--
blindly antisocialist = antisocial