Here comes the pain (because that’s how we learn)

Last Updated on Wednesday, 12 August 2009 01:36 Written by Jeffreycarr Wednesday, 12 August 2009 09:44

When the wildlife population of a forest are observed abandoning an area for no apparent reason, its because they sense impending danger that their human counterparts are not yet aware of. Witness the Tsunami that devastated Indonesia and Sumatra in 2004. Animals flee. Humans stand around oblivious to what’s coming until its too late.

This week brought yet another resignation from a key U.S. cyber security official, Mischel Kwon, director of US-CERT due to “bureaucratic obstacles and lack of authority”,

Just prior to Kwon, it was Melissa Hathaway, the White House’s acting senior director for cyberspace. Even worse, no one of any accomplishment seems to want the job that Hathaway turned down (a confidential source tells me she was offered the position).

And let’s not forget Rod Beckstrom’s resignation and particularly his resignation letter which revealed just how fucked up the relationship is between the NSA and pretty much everyone else, at least in the area of cyber security.

If these resignations haven’t either pissed you off, or activated your fight or flight response, or both, stand by for the virtual tsunami that’s on the way; the cyber event that will cost us billions of dollars, reveal our vulnerabilities to our adversaries, and – finally – elevate cyber security back to the top of the priority list where it belonged in the first place. That comes with an entirely new set of problems which I won’t delve into right now, but think Iraq reconstruction in 2003 and Katrina reconstruction in 2005, and you’ll catch my drift.

What proof do I have that this will happen? Apart from the migration of experts getting the hell out of Dodge, the biggest evidence that a cyber catastrophe is just around the corner is the elephant in the room that no one is talking about anymore: Conficker C and other mega-bots that have the capability of crushing not just one nation’s entire network infrastructure, but of bringing the entire global Internet to a complete standstill.

Conficker’s authors, still unknown in spite of the best efforts of the Conficker Cabal, have demonstrated:

Internet-wide programming skills, advanced cryptographic skills, custom dual-layer code packing and code obfuscation skills, and in-depth knowledge of Windows internals and security products.  They are among the first to introduce the Internet rendezvous point scheme, and have now integrated a sophisticated P2P protocol that does not require an embedded peer list.  They have continually seeded the Internet with new MD5 variants, and have adapted their code base to address the latest attempts to thwart Conficker.   They have infiltrated government sites, military networks, home PCs, critical infrastructure, small networks, and universities, around the world.  Perhaps an even greater threat than what they have done so far, is what they have learned and what they will build next.(emphasis added)

Now before this turns into a Conficker argument, let me stress that Conficker is not the issue. It is representative of the issue which is that a wired world such as the one we live in is inherently vulnerable to attacks that are the cyber equivalent of an extinction event. That is what a botnet of over one million hosts represents to a nation and to the world. Thanks to Conficker, we know that such bots exist; that they will evolve in sophistication and complexity (i.e., Conficker A, B, and C), and that we have no way to stop them, at least not yet.

So for those of you reading this who are in a position to make your voices heard, please spread the word. The White House and Congress must elevate cyber security to the top of the priority list. Health care will be tough to deliver when your doctor cannot access your data because its stored in a Cloud that seems to have vanished.