backtop


Print 73 comment(s) - last by FaceMaster.. on May 21 at 3:25 PM

Sometimes the best defense is a good offense...

The online world is growing to be an increasingly dangerous place, with multiple national governments including Britain, the U.S., and India alleging that their systems are being regularly hacked and probed by Chinese nationalists.  These incidents are the sign of a growing trend and represent the increasing sentiment among military minds that the wars of the future will be waged heavily online.

In the era of online warfare, one of the most powerful attacks are brute force attacks using botnets.  These nets control thousands, or in theory, millions of online computers, remotely coordinating them to perform attacks as simple as simple distributed denial-of-service (DDoS) attacks as well as more sophisticated attacks.

The value of having a strong botnet is becoming readily apparent.  China already appears to have one, if U.S. intelligence is to be believed.  The U.S. is floating plans of building its own botnet to combat its enemies.  And it’s putting the idea out under the public eye to get feedback, as it prefers its actions be discovered sooner, rather than later for fear of public backlash.

Col. Charles W. Williamson III writes in the Armed Services Journal an article calling for the development of a botnet, using the American public's computers.  He wants the botnet to be placed under the U.S. Air Force's command.  The Air Force is becoming increasingly involved with online warfare, with the development of a new sub-branch of the Air Force, the Air Force Cyber Command (AFCYBER).  AFCYBER deals with a variety of online threats from rogue individuals to dangerous nationalists.

Many see the article as more of an announcement as opposed to a question.  Barring massive public feedback, it seems likely the U.S. military will pursue plans to develop a massive botnet for its offensive and defensive purposes.  Williamson raises a valid point that any fortress, digital or real-world, will eventually be penetrated by a determined invader.  He says the only viable solution is to develop and practice a considered offense.

He points out that cyber security circles agree with him on this point; most security experts realize that no method of data protection is currently foolproof.  By merely owning a credible offensive capability, Williamson believes many would-be attackers will be deterred.

How will the botnet be formed?  Williamson suggests first repurposing old military computers.  He goes on to suggest that the military should consider infecting civilian machines with trojans, making them potential zombies, should the need for the botnet's use arise.

Williamson concludes his ruminations on the botnet with an intriguing question.  If another country's civilian infrastructure is attacking our government or civilian infrastructure online, how can the U.S. delicately launch an attack against the attacking infrastructure?

Writes Williamson, "The biggest challenge will be political.  How does the US explain to its best friends that we had to shut down their computers? The best remedy for this is prevention. The US and its allies need to engage in a robust joint endeavor to improve net defense and intelligence to minimize this risk."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: I'm all for it
By Tsunami982 on 5/13/2008 10:18:24 AM , Rating: 5
In principle I would be for this (its pretty obvious that we are vulnerable and this would be relatively simple yet practical defense), but what's to prevent the government from putting some sort of data mining program on their as well. If you consent to allowing the botnet on your computer... it could be argued that you are consenting to allow other associated code to be installed as well (fine print).


RE: I'm all for it
By Ensoph42 on 5/13/2008 10:31:36 AM , Rating: 5
I don't like the idea of the US Goverment "infecting" my machine any more than I like anyone infecting my machine. That being said, I'd volunteer for it allowing it behaved within the guildlines that I expect software to behave. i.e. I had to install it, I could uninstall it at any time, options to set how updates behave, and some type of reassurance that the software wasn't doing anything it shouldn't be. Even then I'd probably run it on a seperate machine on a limited account for a long time.


RE: I'm all for it
By MrBlastman on 5/13/2008 10:38:36 AM , Rating: 5
You think Folding @ Home is competitive..

Just imagine how competitive Hacking @ Home will be or Nuking @ Home will get.

The PS 3 - console today, military weapon tomorrow. Does this mean that you need to get a permit now to buy one?


RE: I'm all for it
By threepac3 on 5/13/2008 11:03:45 AM , Rating: 2
Nuke@Home


RE: I'm all for it
By Chapbass on 5/13/2008 5:02:48 PM , Rating: 3
I hope Darik's Boot and Nuke has some trademark rights on the name :P


RE: I'm all for it
By cheetah2k on 5/14/2008 1:48:17 AM , Rating: 2
I was thinking

FOLDING-CHINA @ HOME


RE: I'm all for it
By choadenstein on 5/14/2008 7:53:17 AM , Rating: 2
Close... but I would replace Folding with another popular F word.


RE: I'm all for it
By OrSin on 5/13/2008 2:51:44 PM , Rating: 2
My biggest problem is not them using my system. My problem is them losing control of it and someone else taking over the bot net. Sorry but the best and brightest in this field is not in Navy and any contracting out will have its holes. I can see the head lines now. Navy losing control of bot net and Destroyer fires on White house from VA naval yard.


RE: I'm all for it
By lightfoot on 5/13/2008 4:01:28 PM , Rating: 2
I wouldn't call a missile strike a DDoS attack. You seem to misunderstand the capabilities of such a network.

What prevents the Airforce (not the Navy) from having the best and brightest in the field of cybersecurity? Is McAfee or Symantec's or even Microsoft's budget comparable to the Airforce's - I doubt it.

If a hacker is considered a weapon-system, you can bet that the Airforce will find the budget to get them - if only to keep them out of the hands of the enemy.


RE: I'm all for it
By SilthDraeth on 5/13/2008 4:06:17 PM , Rating: 1
Where the heck did you get Navy from. Of course the best and the brightest are not in the Navy, they are in the Air Force, which is why the Air Force will have control.


RE: I'm all for it
By JonB on 5/14/2008 7:40:30 AM , Rating: 2
You must realize that Arrogance does not equate to "best and the brightest." The only group I know of (and I spent 8 years in the Navy) more arrogant than the average Air Force officer are "Naval Aviators" (who, of course, think they are all Top Guns!)


RE: I'm all for it
By bhieb on 5/13/2008 11:18:59 AM , Rating: 2
True and that would definately be a big concern, but if they do keep this above board, and make it a volunteer download rest assured it would be one of the most scrutinized pieces of software ever written. I'm sure there would be dozens of groups combing over the code to be sure it was not doing something it was not supposed to. You think the media reports everything that MS/Sony/(insert other company names) does that even remotely hints at private information gathering, the US government would be watched by WAY more people just hoping for a story to jump all over.


RE: I'm all for it
By TechIsGr8 on 5/13/08, Rating: 0
RE: I'm all for it
By Sethanus on 5/14/2008 4:09:42 AM , Rating: 2
Its not only law firms or media that would scrutinize this program (for privacy issues), Hackers would try to crack it, and there goes ur privacy, your money, and your nuke's.

A better idea is to download it onto most government computers, including servers and supercomputers, to increase its power (but that then exposes your govenment computers to agressors).

The best idea is to have a dedicated supercomputer/server farm to play offence and defence (and hopefully contain threats at the site - that includes taking and axe and cutting the internet connection).


RE: I'm all for it
By Polynikes on 5/13/2008 1:10:19 PM , Rating: 5
If this becomes mandatory we're gonna have a lot of pissed off people "breaking the law."

I'll be one of them.


"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki