Slashdot Mirror
How the Militarization of the Internet is Changing Warfare
puddingebola writes in with a link to a New York Times article about how the militarization of the internet is changing contemporary warfare. "The decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush's presidency marked a significant and dangerous turning point in the gradual militarization of the Internet. Washington has begun to cross the Rubicon. If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory. It is one thing to write viruses and lock them away safely for future use should circumstances dictate it. It is quite another to deploy them in peacetime. Stuxnet has effectively fired the starting gun in a new arms race that is very likely to lead to the spread of similar and still more powerful offensive cyber-weaponry across the Internet. Unlike nuclear or chemical weapons, however, countries are developing cyber-weapons outside any regulatory framework."
We have been at ware since early 2000's. It's not peacetime.
I thought Stuxnet was transferred via USB.
http://www.matrixgp.com/?page_id=760
Because nuclear and chemical weapons were developed INSIDE a regulatory framework to begin with.
And that was clearly charted, safe territory when they were built.
Oh, and let's not forget the fact that NO ONE is currently developing nuclear or chemical weapons outside of the frameworks today.
What the hell do you think war is?
This is probably the most troubling part. If an entity that is at odds with the US could choose to deploy malware that would affect not just military, government or corporate networks, but civilian computers and services. There needs to be a cyberspace analogue to the Geneva Convention, to prevent the cyberwarfare from causing damage to civilian networks and services. Will these regulations follow or even enforcable? Probably not, but it's a nice thought.
Now maybe when somebody asks me to put a SCADA system on the net, I can tell them it would be treason.
Nah, they'll just protest they didn't understand all the way to the firing line. Hell, they'll probably send me for not quitting.
Wasn't the original purpose of the Internet to serve the military?
"THE decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against"
This hasnt been proven beyond reasonable doubt. Even though we all think US/Isreal are the curprits, all articles should start with an appropriate preface. This really needs to stop.
Since when does being a Socialist mean 'someone who has a different opinion than me'?
marked a significant and dangerous turning point in the gradual militarization of the Internet.
And all these attacks coming out of Chinese universities are what, game playing?
Military takes on all mediums so it was inevitable efforts would evolve. WW III (should it come) will certainly involve a lot of concentrated attacks over the web, to bring it down, because it's far faster communication than simple radio or Television and goes around the world in milliseconds.
A feeling of having made the same mistake before: Deja Foobar
Cyberwar, at least as it's currently conducted, doesn't kill people.
Also, what makes them think that regulations matter when you're talking about war? Look at the nuclear weapons treaties - North Korea, Pakistan, India, and Israel have all flaunted them by making nuclear weapons, and the US and Israel have flaunted them by attempting to prevent Iran from researching nuclear power for civilian purposes (which is allowed under non-proliferation treaties).
I am officially gone from
You'd think the Internet was developed by the US military or something.
What complete and utter tripe! The Chinese, Russians and any number of other countries crossed the proverbial Rubicon many, many years ago. If the submitter is so naive as to think that this was the first example of state sponsored computer hacking against another state than the submitter needs to go to Defcon or any other security convention. Get real, get a clue.
... idiots using a piss poor OS shot full of security holes called Windows for mission critical infrastructure end up having the computers running said piss poor OS compromised or screwed up by some software that works off an abysmal security failure of a feature called autorun.
Sorry, but this isn't Tron just yet.
Peacetime? The US has only been at "peace" for a handful of years in its history, the rest of the years it has been fighting people abroad such as Iraq, Afghanistan, Vietnam, etc. People within its own borders (Indian wars) or arming, training and supporting violence in other countries ("war on drugs"). By abolishing peacetime, the government is allowed to ransack our liberties, steal our income even more and stifle dissent. Keep in mind we are still under a state of emergency because of "terrorism" first enacted by Bush and then extended every year by Obama.
Taxation is legalized theft, no more, no less.
It is a grossly inaccurate to state "Stuxnet has effectively fired the starting gun in a new arms race...". On the contrary, Stuxnet only makes a large percentage of the population aware of an arms race that started long ago.
Washington has begun to cross the Rubicon.
I thought Washington crossed the Delaware. When was he in Italy? Now I'm all confused.
--
.nosig
Considering nearly every protocol and major advancement on the internet has been through DARPA the world will probably be fine. But making unfounded ridiculousness claims is a great way to hype up a book you are going to sell in stores.
If I can make your cheap chinese dishwasher implode, you may like to buy my american made dishwasher instead;
or if I can make your stock-market collapse with automated hyper-reactionary trading.
It probably is just a matter of when, and not if.
Of course if you are already in the stone age, it cannot affect you.
Comparing military software viruses or tojans with chemical or nuclear weapons is totally inadequate.
Apart from that, yes, the US and Israel have set a bad precedent. Countries shouldn't just be allowed to attack other countries and get away with it, be the attack on the Net or more conventional. Apart from giving a bad example to the rest of the worlds, these kinds of "cyber" attacks are also just plain stupid, they do not make the world one grain more secure in the long run and will just encourage the victim nations to retaliate with their own "cyber" weapons.
It is discouraging that the people in charge have not learned from history or, even worse, erroneously believe that the Soviet Union fell because of the western demonstration of military power rather than by their own people and the self-collapse of communist bureaucracy and ideology.
...a significant and dangerous turning point.... If it continues, contemporary warfare will change fundamentally as we move into hazardous and uncharted territory....
You mean, just like when gunpowder was invented? Or when troops started using wheeled vehicles instead of horses?
Or when militaries started using... GASP!... aircraft?
Get a clue. Warfare is always changing fundamentally as it moves into "uncharted territory" made possible by new technology.
In times of universal deceit, telling the truth gets you modded -1 Troll
Combine the explosion of cyberwarfare with the advances in organic "inkjet printing" compound creation (e.g. http://www.psmag.com/health/making-medical-miracles-with-inkjet-printers-26770/ ), and you get: Internet Virus Causes Home Printers to Generate Plague / Ebola / Marshmallow Fluff.
-- clearly I consider all 3 to be of equal horror --
https://app.box.com/WitthoftResume Code: https://github.com/cellocgw
Be glad the DHARMA initiative lets you use its network, you sorry sap !! If you don't like it, go make your own !! You got lots of camel dung, so get to work building dung burning power plants, then go from there, LOSERS !!
I never understood 'rules' of war. If someone runs from (the symbolic) me into a church, I say nuke the church. If my bullets can mutilate instead of kill, and in the end bring victory, then I shoot mutilating bullets. If my biological weapon can be easily deployed into your water supply, why shouldn't they be?
The US started this war. And the rules of war, equivalent to laws, will only be followed by US law abiding citizens, not our enemy targets When we get another 9/11 level attack, don't be so naive this time, we started it (the same as last time).
slashdot troll = you make a compelling argument I do not like the implications of.
Unlike nuclear or chemical weapons, however, countries are developing cyber-weapons outside any regulatory framework.
Gentlemen. You can't fight in here. This is the War Room!
Could we stop such stupid wording? There's no war here. Nobody has died or is dying because of what they are pretending are weapons, which are in fact just a bunch of bits. This is becoming very silly, and I don't buy into this propaganda.
.lnk!!!) and not doing security house keeping correctly (files signed with certs they should be in the control of in the case of flame, and windows update not being totally unsafe).
And by the way, instead of falsely using an important word such as "war", we'd better highlight and focus on how much Microsoft is the responsible here. Responsible in both having stupid security holes (come on... executing code in a
Someone should note that while everyone watches Stux and similar, the Chinese have been carrying out Cyberwar, and constructive espianage for many years now. Their aggressive war activity has netted, and continues to net them economic gains far far outstripping the silly games being played around the Iranian nuclear program.
And, further, unless its actually challenged, the price and cost of that makes the Iranian Nuclear issue peanuts.
We`re all equal
Hand-wringing much? Hyperbole to spread F.U.D.
What is this "peacetime" of which you speak? Sounds fascinating...
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Internet was created by the military, and after an extensive beta test by the biggest population sample possible, is now ready to deploy as a weapon.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Am I the only one who is struck by the irony of that statement? Remember that military funding was behind the initial research and development of the Internet we use today. It's almost as if they allowed the private sector to spend their time and energy to develop and expand it for them, so they could again use it for their own purposes..
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
Part of the goals was a distributed network with no "head" could be knocked out in an attack. The 14 root name-servers are the closest thing to a head.
Cyberwar - When the "elite" consider security a matter of disciplining users, and the rest of the world goes along with it.
Security - when you don't trust things more than you have to... a feature not available in Windows, Mac OSX, nor Linux.
"weak troll"
If you think the ARPANET resembled anything remotely close to what has since been achieved by millions of unique individuals and groups freely choosing to implement their ideas, you're dreaming.
The ARPANET was about as much of a precursor to the internet as this was a precursor to your modern smartphone.
Wars will be on the Internet. But not the way you think. It will be virtual. ALL virtual.
Yes, we'll send trooops into places to occupy zones, but the battles won't be with bullets. They'll be on the networks, playing MOFPS where the outcomes will have real strategic consequences. The virtual maps will be from realtime data, and movements will be based on who wins within the game. Of course, both parties are connected and fighting, and relinquishing ground after defeat will be honored, lest the real bullets start flying. It is a much saner, and more PC type of war. Training in the field is only matched by training at the computer. You're a weapon of death in life, and in the virtual.
Only the civilized will wage this war, as the alternative is wholesale bloodshed, with the instigator losing 99% of the time. This is the future of combat. The virtual warzone, replicated in the real world near real-time. Fought in digital space with minimal casualties, with peace, ego, new allies, and physical ground as the spoils.
Step 2. Fire missiles.
Step 3. ?
Step 4. Profit!
Oh wait, Step 1 should buy 'Buy stock in defense contractors'.
The United States constantly declares war. There's been the "War on Drugs", the "War on Terror" - not to mention the wars against Iraq and Afghanistan and undeclared wars in places like Somalia and Yemen - where military actions (or drone-bourne assasinations) take place regularly.
The thing is, wars are wonderful devices for a democratically elected government. They allow a "wartime" footing to be established where a lot of peacetime protections, rights and restrictions can simply be tossed aside. War is as much a state of mind as a military action. If a country considers itself at war, a lot of the things that its citizens would be permitted to do become criminalised, or at least subject to official scrutiny.
This is exactly what's happened since 2001. The problem is that now we have governments all over the world - previously responsible, western governments that were considered "enlightened" are now viewing all their citizens as potential enemies, criminals or terrorists - and are treating them according to that suspicion.
If you think that cyberspace is too abstract a place to have a war, just look out for all the critical infrastructure that is accessible on the internet. Facilities that any government would be mad to let people walk into unchallenged can (I'm told) be hacked. Whether it's by a script-kiddie or a Stuxnet wielding super-power is immaterial. It's a state of conflict and peoples' rights are being squashed in order to counter it. That sure sounds like a war - even if the enemy is us.
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
...seems to be unnecessary flame-mongering. As I recall stuxnet was brought to a isolated (as any such industrial control system should be) intranet using an infected pen-drive.
Bottom line, if your network contains anything of critical state importance, don't connect it to anything.
"Security - when you don't trust things more than you have to... a feature not available in Windows, Mac OSX, nor Linux." - by ka9dgx (72702) on Monday June 25, @01:03PM (#40440515) Homepage
You can security-harden modern Operating Systems QUITE WELL, & it's even EASY TO DO, if you use a tool like the multi-platform + highly esteemed ( http://www.computerworld.com/s/article/9018362/CIS_tool_aims_to_help_federal_agencies_check_Windows_security_settings ) based on "industry best practices" recommendations of CIS Tool -> http://www.google.com/search?sclient=psy-ab&hl=en&site=&source=hp&q=%22HOW+TO+SECURE+Windows+2000/XP%22&btnG=Search&gbv=1&sei=W53oT_jaLKbp6gGXoe3gDg
That, along with a little end-user education (which it goes into a LOT on that note) on where threats come from, how to stop them, & to use common-sense (along with conscientious patching of OS &/or wares a user uses) goes a LONG ways...
* CIS Tool's also ready for Windows 7 + Server 2008!
However/Catch-22 (not really, & how/why) - it's not FREE like the ones for Windows 2000/XP/Server 2003 were, but, it has a 30 day demo (and you can make the alterations it suggests, & then, use regedit.exe to export those changes OR .inf files to merge too, & that way? You have the settings for "security-hardening" your rig that way, forever!)
APK
P.S.=> It's gotten results like the following quoted testimonials from a fellow that does PC Repair & more, from his family, himself, friends, & clients he's applied that guide's recommendations TO THE LETTER to:
QUOTED TESTIMONIALS TO THE EFFECTIVENESS OF SAID LAYERED SECURITY GUIDE I AUTHORED:
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=2
"I recently, months ago when you finally got this guide done, had authorization to try this on simple work station for kids. My client, who paid me an ungodly amount of money to do this, has been PROBLEM FREE FOR MONTHS! I haven't even had a follow up call which is unusual." - THRONKA, user of my guide @ XTremePcCentral
AND
"APK, thanks for such a great guide. This would, and should, be an inspiration to such security measures. Also, the pc that has "tweaks": IS STILL GOING! NO PROBLEMS!" - THRONKA, user of my guide @ XTremePcCentral
AND
http://www.xtremepccentral.com/forums/showthread.php?s=672ebdf47af75a0c5b0d9e7278be305f&t=28430&page=3
"Its 2009 - still trouble free! I was told last week by a co worker who does active directory administration, and he said I was doing overkill. I told him yes, but I just eliminated the half life in windows that you usually get. He said good point. So from 2008 till 2009. No speed decreases, its been to a lan party, moved around in a move, and it still NEVER has had the OS reinstalled besides the fact I imaged the drive over in 2008. Great stuff! My client STILL Hasn't called me back in regards to that one machine to get it locked down for the kid. I am glad it worked and I am sure her wallet is appreciated too now that it works. Speaking of which, I need to call her to see if I can get some leads. APK - I will say it again, the guide is FANTASTIC! Its made my PC experience much easier. Sandboxing was great. Getting my host file updated, setting services to system s
The article seems to think that the US is the first to pull the "Cyber Warfare" trigger. That is just silly. The only thing different here is that the US government was silly enough to ADMIT that they were partially responsible for Stuxnet virus, etc. The US civilian industry, and military assets have been under constant attack by various "actors" for over a decade. The only difference is those "actors" haven't admitted it or been caught red-handed. Most likely (and again they haven't been dumb enough to admit it like the US), the Chinese government has been one main Cyber Warfare protagonist that is constantly assailing US assets. So everyone get off their High Horses and face the real world.
The simple fact is we chose to fire bits at em, instead of nukes! Seems like an improvement in my mind!
Have you compiled your kernel today??
Washington has begun to cross the Rubicon...
Begun crossing the Rubicon? That's bad word choice for a cliche that refers to a definite, irreversible commitment. What's next? Gradually falling head-over-heals in love? A mild gut-wrenching pain? Tentative writing on the wall?
-1, Too Many Layers Of Abstraction
That's the thing about wars and rules. The rules are only followed by one side, typically the losing side unless there is some major imbalance of power. I'm all for worldwide peace, but the winning side is unlikely to follow any rules we set.
Is it just my observation, or are there way too many stupid people in the world?
Please see:
http://en.wikipedia.org/wiki/A_Taste_of_Armageddon
Duh. And goodnight.
If telephones are outlawed, then only outlaws will have telephones.
It's a wild and wooly world out there, folks, and what you're seeing is the difference between an open society and closed ones. Russian, Chinese, DPRK, terrorist, and organized crime entities have been working aggressively to field all sorts of bots, viruses, and trojans designed to inflict harm or break into US systems for at least a decade.
When Israel and/or the US do it, it's almost inevitable that *someone* will find out, and at the NYT, they interpret this as "OMG look at what we're doing!"
By the same measure, one could blame the police for increasing violence by deciding to employ firearms. In fact, that's pretty much exactly what the NYTs position is on the 2nd amendment, so at least they're consistent, if absurdly naive.
-Styopa
Regulatory frameworks are pointless.
Their only purpose is to give the biggest players and their sad little friends a monopoly to the weapons which are "regulated".
Case in point: nuclear weapons, the NPT.
Or what about the Ottawa mine treaty? Oh, wait, USA, Russia and China are not interested.
You seem to think that war is about everything *but* money. On the contrary, war (i.e. military spending) is 100% about money. The dirty little secret is that "power over the people" isn't the end goal at all; power is merely a stepping stone to the real end goal: money. The "Hitlers" of the world -- those who are motivated by power alone -- are *extremely* rare. These are the mentally ill. The vast majority of career politicians don't actually "enjoy" stealing your god-given right to self-ownership; what they enjoy is the profit they reap from it.
Your rights are NEVER oppressed for the sake of oppression! Your rights are oppressed for profit. Not very romantic, is it?
It is my understanding that Stuxnet got in on a USB stick: nothing at all to do with the Internet !
(True the actual controllers were networked to the compromised Windows PCs, but still not the "internet".)
Time for Operation Screaming Fist!
As an individual cowering in a corner in the basement of my own home, I have no defense against a Predator with a hellfire missile that has mistaken my house for the one with a family of Muslims one block over. Against these kinds of weapons, however, I have some pretty good defenses. They would have to infiltrate my ActionTec DSL modem (okay, that'd be easy), but then they'd have to figure out what ancient custom-hacked-on slackware kernel I'm running for a NAT box and get into it without the other one running tripwire and tcpdump detecting it. They'd also be pretty helpless against my remote power controller, which I can use to reboot stuff, because it talks via RS-232 and they'd be reduced to trying to hack into it at 2400 baud. Even if they were highly successful and managed to disrupt my weekend WoW raid, they would only kill my character. They wouldn't actually be able to kill me.
I'll take these cyber-warfare weapons jamming up the internets and clobbering my parent's computer over them dropping Hellfires and McDonnell-Douglas cluster bombs in my neighborhood any day of the week.
It is my understanding that Stuxnet got in on a USB stick: nothing at all to do with the Internet !
(True the actual controllers were networked to the compromised Windows PCs, but still not the "internet".)
Much like everything our government does, Facts do not matter, just the propaganda (They call it PR these days).
Be seeing you...
Your use of the phrase 'the militarization of the internet' bothers me. DARPANET was founded by the military; it was only in the 1990's that the internet became commercialized, and made friendly to civilians. Never forget that the prime purpose of the internet was to found a command and control structure, to keep communications open to Cleveland if Chicago got nuked. Stop worrying about the militarization of a military network. This is a straw man.
You're free to create your own peacenik network, open and free of government control. But never forget that the US government will commandeer control of the Internet as it sees fit, according to what they believe is important for the security of our country and the safety of its citizens, whether or not they're correct.
Remember kids, if you're not paying for the service, YOU ARE THE PRODUCT THAT IS BEING SOLD.
People are missing the point with militarisation of the Internet. It is a fantastic thing in every way. There would have already been an attack on Iran by now, if there were no stuxnet, et al. Civilised humans use every way they can to avoid violence, and the use of cyber weapons has bought some time to try to avoid the destabilising effects of a violent attack with real bombs on Iran.
It is far better to destroy a centrifuge than a human being, and Iranian terrorism is worse than no violence at all. But a lot more people would have died in a real cyber attack. Anyone who thinks that no government would have ever launched major cyber attacks on the Internet is very naive.
The idea that violence is a modern affliction is hilarious. Violence has decreased over time, and it continues to decrease as people find better things to do with their time. In the ancient Greek world, for example, the only time any armies ever stopped fighting was during the Olympic Games. It used to be granted that once the weather was good enough to fight that anyone who could field an army would be trying to take territory and resources from his/her neighbour.
Consider Alexander the Great of Macedonia and study his campaigns. Did anyone during his time ever even consider that conquering the known world might not be the best course of action? Did the Romans have such a high opinion of Alexander for any reason other than his skills as a commander? It was just what men did at the time, they were warriors, and violence was everywhere from the cradle to the grave.
The Iranians are going to do anything they can to hurt the United States, Israel and much of the Western world. Cyber attacks and targeted killing of scientists are not the best of all worlds, but they are far better than the indiscriminate killing of everyone, including the general population. The Iranian government does not care who gets killed; they will have their atomic bomb or will die trying.
Men, women and children are all legitimate targets to them. The US and Israel only want to kill scientists working on nuclear bombs and to destroy equipment for making bombs. That is far better than killing thousands of real people and shooting off real bombs.
Willard LeCroy
"The decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush's presidency..."
Of course the Obama administration bears no responsibility...they just leaked the information and were completely helpless to do anything.
http://www.pdfernhout.net/recognizing-irony-is-a-key-to-transcending-militarism.html ... There is a fundamental mismatch between 21st century reality and 20th century security thinking. Those "security" agencies are using those tools of abundance, cooperation, and sharing mainly from a mindset of scarcity, competition, and secrecy. Given the power of 21st century technology as an amplifier (including as weapons of mass destruction), a scarcity-based approach to using such technology ultimately is just making us all insecure. Such powerful technologies of abundance, designed, organized, and used from a mindset of scarcity could well ironically doom us all whether through military robots, nukes, plagues, propaganda, or whatever else... Or alternatively, as Bucky Fuller and others have suggested, we could use such technologies to build a world that is abundant and secure for all."
"Likewise, even United States three-letter agencies like the NSA and the CIA, as well as their foreign counterparts, are becoming ironic institutions in many ways. Despite probably having more computing power per square foot than any other place in the world, they seem not to have thought much about the implications of all that computer power and organized information to transform the world into a place of abundance for all. Cheap computing makes possible just about cheap everything else, as does the ability to make better designs through shared computing.
A 21st century issue: the irony of technologies of abundance in the hands of those still thinking in terms of scarcity.
The Geneva convention isn't ignored when we shoot .50 BMG round at some combatants we are not targeting them as you can't shoot .50 cal or greater rounds at personal, but instead targeting equipment on them as those rounds are only suppose to be anti material. Problem is we are just bad shots.
You are so full of shit. There is not such such prohibition that prevents that; you're just propagating ignorant ass urban myths. So why don't you just go back to playing Call of Duty and Modern Warfare.
"Stuxnet has effectively fired the starting gun in a new arms race that is very likely to lead to the spread of similar and still more powerful offensive cyber-weaponry across the Internet. Unlike nuclear or chemical weapons, however, countries are developing cyber-weapons outside any regulatory framework".
Total nonsence, all they have to do is a) stop using Microsoft Windows and b) don't connect their secret computers directly to the Internet.
Even if you could specify a set of rules, how would you trace violators? If TOR can protect child porn addicts, why not "Defence" departments?
Epitaph: At last! Root access!
The decision by the United States and Israel to develop and then deploy the Stuxnet computer worm against an Iranian nuclear facility late in George W. Bush's presidency marked a significant and dangerous turning point in the gradual militarization of the Internet.
Chinese gov. has been doing this for over a decade. NOW, ppl want to point fingers at W, while disregarding what CHina (and North Korea, Iran, Venezuela, and probably Russia) is doing? Seriously?
Look,I am well known for my disdain of neo-cons and the harm that they cause. However, to point a finger to W while ignoring the facts of other nations developing spy and attack virus, is just plain out there.
I prefer the "u" in honour as it seems to be missing these days.
I can not stand W or any neo-cons, BUT, it is best to stick to honest facts, rather than make up garbage. And in this case, it has been nations like China being the most aggressive on this.
I prefer the "u" in honour as it seems to be missing these days.
Drones should worry any targets, ut if you can convince Jason Bourne to take them on, they may as well kiss their ass goodbye.
Well, whenever somebody develops an offensive capability they're going to want to try it against some target to make sure it's effective. That's why the big boys fight proxy wars, to make sure the new weapons work before the warranty expires.
Internet was born -and is- a military project
I agree that free trade is the answer, but there are a lot of countries that ignore our history. They have their own history that tells them that "killing everyone is sight who does not believe" is both correct and is history. Given that, there is not choice but to enable a defense that accounts for this discontinuity.