backtop


Print 73 comment(s) - last by FaceMaster.. on May 21 at 3:25 PM

Sometimes the best defense is a good offense...

The online world is growing to be an increasingly dangerous place, with multiple national governments including Britain, the U.S., and India alleging that their systems are being regularly hacked and probed by Chinese nationalists.  These incidents are the sign of a growing trend and represent the increasing sentiment among military minds that the wars of the future will be waged heavily online.

In the era of online warfare, one of the most powerful attacks are brute force attacks using botnets.  These nets control thousands, or in theory, millions of online computers, remotely coordinating them to perform attacks as simple as simple distributed denial-of-service (DDoS) attacks as well as more sophisticated attacks.

The value of having a strong botnet is becoming readily apparent.  China already appears to have one, if U.S. intelligence is to be believed.  The U.S. is floating plans of building its own botnet to combat its enemies.  And it’s putting the idea out under the public eye to get feedback, as it prefers its actions be discovered sooner, rather than later for fear of public backlash.

Col. Charles W. Williamson III writes in the Armed Services Journal an article calling for the development of a botnet, using the American public's computers.  He wants the botnet to be placed under the U.S. Air Force's command.  The Air Force is becoming increasingly involved with online warfare, with the development of a new sub-branch of the Air Force, the Air Force Cyber Command (AFCYBER).  AFCYBER deals with a variety of online threats from rogue individuals to dangerous nationalists.

Many see the article as more of an announcement as opposed to a question.  Barring massive public feedback, it seems likely the U.S. military will pursue plans to develop a massive botnet for its offensive and defensive purposes.  Williamson raises a valid point that any fortress, digital or real-world, will eventually be penetrated by a determined invader.  He says the only viable solution is to develop and practice a considered offense.

He points out that cyber security circles agree with him on this point; most security experts realize that no method of data protection is currently foolproof.  By merely owning a credible offensive capability, Williamson believes many would-be attackers will be deterred.

How will the botnet be formed?  Williamson suggests first repurposing old military computers.  He goes on to suggest that the military should consider infecting civilian machines with trojans, making them potential zombies, should the need for the botnet's use arise.

Williamson concludes his ruminations on the botnet with an intriguing question.  If another country's civilian infrastructure is attacking our government or civilian infrastructure online, how can the U.S. delicately launch an attack against the attacking infrastructure?

Writes Williamson, "The biggest challenge will be political.  How does the US explain to its best friends that we had to shut down their computers? The best remedy for this is prevention. The US and its allies need to engage in a robust joint endeavor to improve net defense and intelligence to minimize this risk."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: I'm all for it
By lightfoot on 5/13/2008 4:01:28 PM , Rating: 2
I wouldn't call a missile strike a DDoS attack. You seem to misunderstand the capabilities of such a network.

What prevents the Airforce (not the Navy) from having the best and brightest in the field of cybersecurity? Is McAfee or Symantec's or even Microsoft's budget comparable to the Airforce's - I doubt it.

If a hacker is considered a weapon-system, you can bet that the Airforce will find the budget to get them - if only to keep them out of the hands of the enemy.


"I modded down, down, down, and the flames went higher." -- Sven Olsen














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki