Let Slip the Dogs of Cyberwar...

This week, the Pentagon both admitted that it had a major breach in multiple systems in March and put forth a strategy for a stronger response to future attacks. Deputy Defense Secretary William Lynn said that over 24,000 files were stolen from the Pentagon in a single intrusion alone. Add this to the legion of breaches and attacks that have been escalating in recent years and months. The CIA, NSA, and even the White House and Congress are among the many federal entities that have been victims of these attacks. Missile system plans, airplane avionics, satellite protocols and network security plans are among the pilfered documents. It isn’t a mystery who is perpetrating these attacks either. “We have a pretty good idea who did it,” says Lynn. Given some leaks and other attacks that have been made public, we can guess that it’s China or other regional state actors.

Imagine if a gang of state-sponsored hoodlums physically attacked federal buildings and carried out boxes of documents. Would our response be as weak as it has been in the past to these assaults? The bad digital actors of the world are literally treating us like the scared convenience store owner that they can rob at will, at the risk of little more than a shaken fist as they run away.

So far, the due process of American-style justice has come up mostly empty. They occasionally collar a few of these criminals when they reside in an extradition-friendly country. But the truth is that the most prolific attackers are out of our jurisdiction and beyond the long arm of US law.

In some poorly policed former Iron Curtain countries, there are whole towns of fraudsters thumbing their noses at our investigations. And attacks on major companies and our institutions are routinely traced to China, where the trail goes cold. The most recent attacks on Google pointed to a town that is known as a Chinese military training facility. It doesn’t take a digital Sherlock Holmes to see what’s going on here.

It looks like we might finally be getting fed up with being treated like the digital neighborhood wimp whose lunch money is up for grabs and who is always willing to take a pounding. Based on Mr. Lynn’s statements and other highly placed officials’ off-the-record comments, it seems the US posture on digital defense is about to change. Recently, the State Department made a statement that digital attacks could be taken as acts of war and would be responded to accordingly. It seems that they are setting the stage for more forceful responses to future incursions. And they have indicated that these responses might include more than just digital counter-attacks.

And rightfully so. As long as digital thieves and spies can attack our sovereign networks with little cost and no risk of any retribution, they will try again and again till they are successful. On the other hand, if there is more at risk than just their hard drives, they might think twice and pick on someone else. I’m not saying that some black ops teams should start visiting the Eastern European spammers (on the other hand...), but things like the now barely deniable joint US/Israeli Stuxnet virus attack on the Iraqi nuclear program seem like a really smart way to deal with certain problems. No bullets were fired, no one got hurt and a major foreign policy objective was partially achieved.

 

The plan is light on details so far, and rightfully so. They don’t want to let the enemies know ahead of time what to expect. But watch out, computer criminals… the men in black might be knocking on your door some day soon. And they don’t need a subpoena.

Discuss this Blog Entry 2

Anonymous
on Jul 19, 2011
" but things like the now barely deniable joint US/Israeli Stuxnet virus attack on the Iraqi nuclear program seem like a really smart way to deal with certain problems." ...don't you mean Iranian?
on Jul 19, 2011
So, it's outrageous for anyone to digitally attack US assets and such attacks should be met with "more than just digital counter-attacks", but it's just fine for the US to digitally attack countries it currently doesn't like such as Iran? Was the Iran/Iraq confusion just a slip or do you still believe the discredited nonsense of the Bush regime that Iraq was somehow associated with the 9/11 attacks and had a huge cache of WMD? The only responsible action in the environment in which we find ourselves is to bolster digital defenses. The good folks at the SANS Institute have given us numerous resources to help achieve this - the problem is that many organisations both govt and private continue to find ignoring the issue or ticking boxes on audit reports more satisfying than actually addressing vulnerabilities. Nobody can completely protect against the zero day vulnerability, but defense in depth goes a long way in mitigating the risk of damage.


What's Fearless Security Blog?

Life in the information security industry; tales from outside the firewall. No-holds-barred discussion and commentary on security & other IT matters.

Contributors

Tony Howlett

Tony Howlett is CTO of Network Security Services, a network consulting firm. He is a CISSP and a GSNA.