“Cyber War”, by any other name, is still a major f’ng problem

Last Updated on Sunday, 7 March 2010 10:57 Written by Jeffreycarr Sunday, 7 March 2010 10:56

I’m so tired of this constant back and forth bullshit over whether or not cyber war exists. It’s just a term, for better or for worse, that members of the public recognize. Whether or not the term has merit is not the point. I’ve repeatedly said that cyber war doesn’t exist even though I wrote a book that uses the phrase in the title. How many people would have picked up a book called “Inside Cyber Attacks, Cyber Crime, Cyber Espionage, Informatized War, Information War, and Computer Network Operations”? That title would have been more accurate but no one would buy it, which pretty much defeats the point of writing a book. What needs to be discussed is not the term “cyber war”, but what the term represents; i.e., how State, State-sponsored, and Non-State actors are using the Internet to:

• rob banks on a massive scale unlike anything we have ever seen
• commit acts of espionage against U.S. corporations that costs the U.S. millions of dollars in stolen intellectual property
• commit acts of espionage against Department of Defense and DoD contractor networks that serves to accelerate other nation states’ race to achieve parity or near-parity with superior U.S. military technology
• commit acts of network intrusion into U.S. critical infrastructure for the purpose of remaining dormant until needed to delay or stop an imminent U.S. military action against an adversary state.

And these bullet points are just the tip of the iceberg, but they’re sufficient to make my point, which is that arguing about what we call this issue shoud be at the very bottom of the list of things that need to be done right now. I agree that Mike McConnell over-stated the case but that doesn’t mean that everything he said was wrong. I think Howard Schmidt under-stated the case, but that’s understandable considering his position as cyber coordinator. And I think that Ryan Singel, while he detests hype used by others, is not adverse to using it himself; i.e., “Cyberwar Hype Intended to Destroy the Internet“. Really? “Destroy the Internet”? Come on.

A Definitive Counter Cyber Operation in 3 Easy Steps

Last Updated on Sunday, 28 February 2010 10:35 Written by Jeffreycarr Friday, 26 February 2010 12:18

You’ve probably read Mike McConnell’s editorial in yesterday’s Washington Post “We’re losing the cyber war. Here’s the strategy to win it.” Overall, it was a pretty good article which promoted the implementation of these tactics:

1. Re-engineer the Internet to make attribution easier.

2. For irrational actors (i.e., terrorist groups), preemptively “degrade, interdict, and eliminate” their leadership and capabilities.

3. Improve information flow between public and private sectors, particularly companies whose networks have been attacked and protect them from the lawsuits which may follow such sharing.

With all due respect to the Admiral, those tactics, sound as they be may, each have a number of obstacles blocking their immediate implementation.  In the meantime, I offer 3 recommendations which can be implemented today at little to no cost that will quickly and dramatically reduce the ability of State-sponsored actors and Non-State actors to continue their attacks against not only U.S. networks but ANY nation state’s networks. They are:

1. Deny access to safe havens in Eastern Europe and Asia by implementing something akin to a COIN strategy to the smaller States that could use our help (most of the Commonwealth of Independent States and Taiwan, for example). An international law enforcement effort led by the FBI and other agencies could provide welcome assistance to these states’ respective agencies who are also victims of the same criminal hacker gangs. This would provide us with the first four of David Kilcullen’s 28 Articles:

1. Know your turf

2. Diagnose the problem

3. Organize for intelligence

4. Organize for interagency operations

2. Reduce their attack platform by compelling U.S. Internet Service Providers (ISP) to verify ALL of their customers’ registration data and turn off every customer with inaccurate information until they correct the problem. This is a vital step because so many bad actors rely on services provided by U.S. ISPs (20 of the world’s top 50 bad ISPs are in the U.S.).

3. Break trust in their tools and alternative payment channels (I won’t elaborate on this in a public forum but I’m happy to discuss it privately).

These steps can be taken today with no extra funding, no re-engineering of Internet architecture, and no Congressional approval. And once taken, the criminal hacker gangs who have been enjoying a perfect storm of high profit and low risk will immediately begin feeling the pain.

This is what fuels RF and PRC Cyber Operations

Last Updated on Sunday, 15 November 2009 11:20 Written by Jeffreycarr Sunday, 15 November 2009 11:20

The Cyberwar Plan

IT’S NOT JUST A DEFENSIVE GAME; CYBER-SECURITY INCLUDES ATTACK PLANS TOO, AND THE U.S. HAS ALREADY USED SOME OF THEM SUCCESSFULLY.

by Shane Harris

Saturday, Nov. 14, 2009

If you want to know why Russian and Chinese military leaders are pushing for the rapid development and deployment of Information Warfare technology, strategy, and doctrine, its because they believe that the United States is already engaged in using it. While that may or may not be true, detailed reports like this one by Shane Harris simply strengthen our potential adversaries will to further penetrate and exploit our own networks.

Even more perplexing to me is why present and former members of the U.S. Department of Defense would talk about it on the record to an investigative reporter. Hell, I wrote a book on the subject and refused to provide any such examples, even when asked to do so (multiple times) by my editor. Come on, guys, WTF were you thinking?