backtop


Print 73 comment(s) - last by FaceMaster.. on May 21 at 3:25 PM

Sometimes the best defense is a good offense...

The online world is growing to be an increasingly dangerous place, with multiple national governments including Britain, the U.S., and India alleging that their systems are being regularly hacked and probed by Chinese nationalists.  These incidents are the sign of a growing trend and represent the increasing sentiment among military minds that the wars of the future will be waged heavily online.

In the era of online warfare, one of the most powerful attacks are brute force attacks using botnets.  These nets control thousands, or in theory, millions of online computers, remotely coordinating them to perform attacks as simple as simple distributed denial-of-service (DDoS) attacks as well as more sophisticated attacks.

The value of having a strong botnet is becoming readily apparent.  China already appears to have one, if U.S. intelligence is to be believed.  The U.S. is floating plans of building its own botnet to combat its enemies.  And it’s putting the idea out under the public eye to get feedback, as it prefers its actions be discovered sooner, rather than later for fear of public backlash.

Col. Charles W. Williamson III writes in the Armed Services Journal an article calling for the development of a botnet, using the American public's computers.  He wants the botnet to be placed under the U.S. Air Force's command.  The Air Force is becoming increasingly involved with online warfare, with the development of a new sub-branch of the Air Force, the Air Force Cyber Command (AFCYBER).  AFCYBER deals with a variety of online threats from rogue individuals to dangerous nationalists.

Many see the article as more of an announcement as opposed to a question.  Barring massive public feedback, it seems likely the U.S. military will pursue plans to develop a massive botnet for its offensive and defensive purposes.  Williamson raises a valid point that any fortress, digital or real-world, will eventually be penetrated by a determined invader.  He says the only viable solution is to develop and practice a considered offense.

He points out that cyber security circles agree with him on this point; most security experts realize that no method of data protection is currently foolproof.  By merely owning a credible offensive capability, Williamson believes many would-be attackers will be deterred.

How will the botnet be formed?  Williamson suggests first repurposing old military computers.  He goes on to suggest that the military should consider infecting civilian machines with trojans, making them potential zombies, should the need for the botnet's use arise.

Williamson concludes his ruminations on the botnet with an intriguing question.  If another country's civilian infrastructure is attacking our government or civilian infrastructure online, how can the U.S. delicately launch an attack against the attacking infrastructure?

Writes Williamson, "The biggest challenge will be political.  How does the US explain to its best friends that we had to shut down their computers? The best remedy for this is prevention. The US and its allies need to engage in a robust joint endeavor to improve net defense and intelligence to minimize this risk."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

I Disagree
By Quiescent on 5/13/2008 10:08:11 AM , Rating: 2
I have seen what botnets are capable of. It's not so fun when you're chatting on IRC and suddenly a 1k botnet hits your channel. If you have a crappy computer or just use a crappy IRC Client, most likely your computer will freeze and/or just lag for as long as the botnet hits you.

In further addition, being infected by a botnet can consume your bandwidth and your computer's resources. And me having a 256k up and down connection, I prefer not to have someone else use me to their advantage at the cost of me paying for the internet connection I have.

Sure if they paid me a lot of money to use my computer as a botnet and secure it so that only they can access my computer, I would absolutely be all for it. But otherwise, it would be a waste of my time, a waste of my bandwidth, a waste of my money, and a sore for me.

Great, now the military wants to be skiddies!




RE: I Disagree
By Shawn5961 on 5/13/2008 11:09:07 AM , Rating: 2
I'd rather have a 256k up/down connection than having a connection with a bandwidth limit like I do. Too much bandwidth in one day and I get shut down to dial-up speeds, with one major difference. Whereas dial-up gets about a 400-600ms ping, mine is usually around 1250.


RE: I Disagree
By Quiescent on 5/14/2008 9:39:02 AM , Rating: 2
I feel like I have a dialup connection sometimes. When I'm downloading a torrent, no matter how much I limit my upload speed, I end up not being able to load sites as well, sometimes they just time out. With my modem, I actually get 1mbit/256k. The download isn't the problem, but my upload is only as much as 32kb/s. If I limit it to 10kb/s for seeding, I still can't load sites well. It's pretty terrible, I was told it's a problem with the ISP and how they have things setup, because I shouldn't be having this problem at all.


"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki