Slashdot Mirror
The Global Struggle To Prevent Cyberwar
blottsie writes: What constitutes war in the 21st century? In an age of almost constant cyberattacks against major corporations and world governments, the consensus among international-law experts is clear: Nobody knows. This sweeping Daily Dot investigation explores the ongoing struggle to define "cyberwar," the increasing geopolitical aggression in cyberspace, and the major players now attempting to write the rules of online battlefields before it's too late.
"Technical experts and legal scholars repeatedly stress that the idea of a 'cyber Pearl Harbor'—a devastating sneak attack on U.S. infrastructure by a powerful state actor that launched a sustained international conflict—is wildly overblown. Right now, Watts said, 'states bite at one another’s ankles in a way to impede progress or to harass them,' but 'as for the likelihood of a major cyber war, I would rate it pretty low.'
Cyber armageddon may be extremely unlikely, but the many attacks below the level of formal armed conflict have still extracted a staggering price, in both economic and political terms. ... For starters, cyber-arms control is effectively hopeless. There’s no point, experts say, in trying to contain the spread of offensive cyber technology. Instead, the best hope for international law is to focus on reducing the incentives for malicious behavior."
"Technical experts and legal scholars repeatedly stress that the idea of a 'cyber Pearl Harbor'—a devastating sneak attack on U.S. infrastructure by a powerful state actor that launched a sustained international conflict—is wildly overblown. Right now, Watts said, 'states bite at one another’s ankles in a way to impede progress or to harass them,' but 'as for the likelihood of a major cyber war, I would rate it pretty low.'
Cyber armageddon may be extremely unlikely, but the many attacks below the level of formal armed conflict have still extracted a staggering price, in both economic and political terms. ... For starters, cyber-arms control is effectively hopeless. There’s no point, experts say, in trying to contain the spread of offensive cyber technology. Instead, the best hope for international law is to focus on reducing the incentives for malicious behavior."
The nature of mankind is conflict. When we had rocks, we threw rocks. When we had bombs, we dropped bombs. When we had nuclear weapons we stepped back a bit, continued with the rocks and bombs and added computers.
May you live in interesting times.
Faster! Faster! Faster would be better!
This sweeping Daily Dot investigation explores the ongoing struggle to define "cyberwar,"
Step one: pick something that sounds scary and declare yourselves the opposition to it
Step two: social media campaign
Step three: lobby governments
Step four: news stories, lots of them
Step five: decide what it is we're supposed to be preventing, in real terms
Cyber-spam. Almost everyone who uses the word cyber is out with bulshit.
What we need is proper product liability for people who sell things containing or based on inadequate software. Even if states stopped there would still be enough criminals out there wanting to break and steal things.
We already see international business sanctions -- the embargo of specific goods or services, banking access, oil sales, etc. You can make arguments for and against their effectiveness or even usefulness, but they are still pursued for reasons both publicity-related and practical.
Will we ever see "internet sanctions" where nations have their Internet access to the US limited or blocked?
Prevent? No, the cyberwar has long since started, and I fear the forces of good are steadily losing.
We continue to fight the good fight, straining endlessly against the sea of foes in the cyberwar - against politicians, government staff, corporate drones, PHBs, and even the tech journalists that have betrayed us. Standing with us, but a few ragged, weary veterans of the IT industry - the programmers, the sysadmins, the network engineers, struggling valiantly in our constant fight to get people to stop putting the prefix "cyber" in front of anything and everything.
Sounds like the Mr. Robot conspiracy.
I've read and heard policy makers making suggestions that locking down Internet borders in similar fashion to China. Doing this would be like taking 10 steps back from globalization. I would argue that it's a bad thing while others would encourage it.
I'm not a cross continent internet connectivity expert but I would assume traffic source can easily be identified. If a country is known for causing havoc, their connectivity should be limited to none or at least regulated. I know this doesn't stop all perpetrators but it complicates the process hence removing some of the culprits.
We host an IIS server and we have put "honey pots" that hackers have been hitting regularly. 90% of the traffic comes from China and Iran with the other 10% being local (which could be proxies for all we know)
There is a breathtaking amount of critical infrastructure that is very lightly protected on intranets if not outright exposed to the public Internet. There is simply no excuse for this. Even if things require, say, cellular monitoring it's very straightforward to use highly restricted VPNs or even MPLS over cellular (especially for an organization the size of most public utilities). The fact that this is even such a major issue is flat-out sad and stupid.
Help save the critically endangered Blue Iguana
"Be frightened," they say, "because someone somewhere is trying to hack into a computer somewhere in this country."
"And how will I know when they are successful?" I ask.
"We will tell you," they say.
"Is there anything I can do to help keep us safe?" I ask.
"Yes," they say, "give us money and power and we will keep you safe."
And at that exact point, if I actually give these hucksters money and power I will be the biggest idiot ever to walk the planet.
Seriously, lets outlaw the word Cyber. The next person I hear say the word Cyber I'm going to grind their nuts into a paste and feed it to the raccoons that keep getting into my trash.
There's obviously more effort towards creating cyberwar, the "struggle" to prevent it isn't much more than hand-wringing. What do you expect?
If this is really a threat, the best practice would be to have a multinational effort to make sure software is secure, and that vital infrastructure is set up in a secure way. Encryption, air gaps, regular audits of commonly used software, all in the wide open. None of this "save this 0-day exploit for a good target" bullshit, just focus on getting things fixed.
This is my signature. There are many like it, but this one is mine.
"The cyberwar era arguably began two hours before midnight on April 26, 2007 .. The hackers were using a technique called a distributed denial-of-service (DDoS) attack." consisting of a vast number of compromised Microsoft Windows desktops ..
Don't underestimate cyber war capability. With so many SCADA vulnerabilities, it is quite likely that power, water, traffic control, including air traffic outages within the realm of possibility. It is also possible that various industrial systems can be exploited to cause widespread industrial accidents. This is all before we get into information realm - any kind of electronic record can be altered, from mass releases of violent criminals, to adding all doctors, nurses, teachers, social workers, fireman to 'most wanted' lists and causing service disruptions that way. You also have information leaks, where all kinds of personal information can be made public.
I also think all-out cyberwar will quickly escalate to nukes. This is the only reason it hasn't happened.
Haven't you read the news? Governments are already using cyber attacks and I'm not talking about the NSA. The FBI are using it too. Sometimes they get a warrant to do it but sometimes they don't.
Why isn't someone concerned about what is legal?
We've become way too dependent on the internet and the idea that it will always be there and can always be relied on and trusted. Cyberwar, for all its negative outcomes, might at least teach a lot of industries, government agencies, systems engineers, etc. that there should ALWAYS BE A BACKUP OFF THE NETWORK and that there should always be a plan to isolate any system from the grid. No important system should be utterly dependent and totally on the internet or even an internal network.
I'm not saying we have to go all William Adama and forgo the internet altogether. But we should definitely end this idea that the internet (or any network) infrastructure is always reliable and always friendly.
SJW's don't eliminate discrimination. They just expropriate it for themselves.
Could we please NOT perpetuate this cyber war bullshit moniker? It's banal and asinine.
Until there is a way to prove the identity of the attacker(and even then what are you going to do about it?), computer hacking shenanigans and corporate espionage will continue. It does not matter what either party agrees to do publicly, they will absolutely hack the other party.
It is absurdly naive to even discuss not doing it as a serious possibility.
Will we ever see "internet sanctions" where nations have their Internet access to the US limited or blocked?
No Facebook for you, Charlie Chan! How do you like dem apples?
Yes, it's ridiculous. Just as ridiculous as teh words cyber war. I'll wager that a congress critter pushes such a bill within the next 5 years.
The Internet was built from the ground up with fault-tolerant collaboration at the heart. It never occurred to the well meaning scientists and engineers that some of the users would be out and out assholes.
Internet 3 should be designed with jobs one, two and three being near-paranoiac levels of security (AND ANONYMITY) and purpose-built such that all the existing hardware-embedded code (bugs and all) won't even work, such that the entire 'net and equipment have no legacy garbage with neither lazy (corporate) nor intentional (governmental) backdoors built in (verified via all open code).
Of course, given the twin costs of new hardware and the spooks losing all their peepholes, none of this will ever happen (right, Langley?).
They're having factories and buildings explode every day in a coordinated nationwide Islamic terrorist attack.
Cyberwar is the LEAST of their problems.
-- Tigger warning: This post may contain tiggers! --
I'm seeing tons of attacks coming from China and Hong Kong ( http://longtail.it.marist.edu/... ), but only Level 3 seems to be doing anything about blocking them http://www.lightreading.com/se... Even though they'll never be able to block all the attacks, the backbone providers could at least slow them down.
LongTail SSH Brute Force analysis tool is here!
We can't expect politicians, bureaucrats or international business to cooperate freely with others around the world. They perceive a world of competition, a world of scarcity in which winning requires others to lose.
But there is another way.
Scientists and engineers around the world have cooperated in the most important projects of our time: the International Space Station; the LHC; the Genome Project; Linux... Scientists often cooperate on medical, climate and other research. Engineers cooperate on Github, maker mobs and elsewhere.
Scientists and engineers are generally more interested in the fruits of their labor than the ebb and flow of political/military interests. They (we) can simply ignore their small minded governments and cooperate toward a free and safe internet for all.
...omphaloskepsis often...
"Technical experts and legal scholars repeatedly stress that the idea of a 'cyber Pearl Harbor'—a devastating sneak attack on U.S. infrastructure by a powerful state actor that launched a sustained international conflict—is wildly overblown"
No one expects the Spanish Inquisition
Custom, hands-free Linux installs. Instalinux
Cyber armageddon
Can we all agree on "cybergeddon"?
- First they ignore you, then they laugh at you, then ???, then profit.
Cyberwar, as defined by the media, involves hackers working for a government and/or military to hack into foreign government systems looking for 'intelligence'. This is really just plain old espionage, nothing special or even unexpected.
The real cyberwar is the war being waged against the free & open internet. Censorship, advertising, surveillance... you name it, they've got us by the balls and are twisting them, hard.
Everyone is so scared of these invisible bad guys going after infrastructure, such as power plants, dams and water treatment plants.
Let's think of something even more important. Let's think Wonder Bread. A few lines of code, and *bam!*, you've shut down the production line on a factory that's used to churning out 10,000 loaves of bread per day. Do that for a sugar plant and see what happens. How about an operation that makes chicken and hog feed?
Everyone is so focused on the big stuff. Lemme tell you, if the bread plant even loses connectivity...it shuts down. Because it doesn't know how much of the product to make! Better to not make anything, and endure a temporary shortage, than to make too much that will go to waste.
You don't have to worry about the sewage treatment plant getting attacked, when there's not going to be anything for people to poop out.
[End Of Line]
We could as a community decide to switch to secure operating systems, the kind that never, ever trust program code to do what it says on the tin. This would require a lot of coding, but nothing more than the scope of GNU/Linux. This would eliminate viruses, spyware, and a whole host of other problems. I look forward to the day when I can tell the OS which files to allow an application to use... until then it's going to keep getting worse.
A cyberattack is a machine attacking a machine. Multiply by 1,000 for a 'cyberwar'. When I shoot a gun at a car, is the gun attacking the car or am I? Similarly, how much human control is required before a bot-net is just an terrorist/cracker/hacker attacking, not a cyberattack?
While almost anything can constitute an attack, war is a very different beast. It requires a large number of actors, a plan to cause damage or long-term interference, an end-goal of impairing the military, economic or political services of the target. Putting aside a few actions against countries, such as Iran, there is no continuing cyberwar. Most cyberattacks result in identity theft or identity exposure (Ashley Madison, US OPM). The loss of sensitive data which may cause economic damage forms the minority of cyberattacks. Even the most common loss of sensitive data, credit card records, causes little damage.
The USA has declared every cyberattack an act of war. Considering the large number of attacks occurring daily, the USA obviously can't react to most attacks, even if it can identify the attackers. The question becomes one of response: What is the cyber-equivalent of bombing a dictator's palace? On this battlefield the USA doesn't have supremacy, so how does the USA avoid a cyberattack version of 'Pearl harbour'?
I think one aspect of cyber war that people forget about is the most powerful one.
The internet puts information in front of the eyes of millions (billions?) of people
What better way for a govt (foreign or domestic) to deliver well tuned propaganda (or political spin) to the most influential citizens of an enemy?
And it can be done without any kind of physical or digital subversive action.
E.g. Even posting this later than same day as OP makes it far less likely to get noticed. You think that's not ever used against us?
(Yes, I lumped propaganda from foreign govts with political spin from ours... these + maybe some major corps are the people fighting for your mind)