Posted on 05/14/2008 3:52:28 PM PDT by LibWhacker
The USAF wants to make its own botnet to combat foreign and domestic threats. (IMG:J.Anderson)
Are we in a cyber arms race? The Cyberspace Command, a US Air Force project designed to defend the cyber domain from threats, is alive and kicking with millions of dollars spent on PR and marketing. The USAF says that there is an urgent need to defend the IT infrastructure on US soil, and a recent opinion article written by COL. Charles W. Williamson III details that they are serious in this mission. The goal is to use botnets to help defend the new cyber domain.
America faces increasingly sophisticated threats against its military and civilian cyberspace. At the same time, America has no credible deterrent, and our adversaries prove it every day by attacking everywhere. Worse, our defensive concept is fundamentally flawed, and we have not learned the simplest lessons of history, COL. Williamson wrote.
Cyber attacks on US Government systems occur every few seconds. Daily there are hundreds of thousands of viable attempts on the network. Now, the only consequence for an adversary who intrudes into or attacks our networks is to get kicked out if we can find him and if he has not installed a hidden back door. That is not enough. America must have a powerful, flexible deterrent that can reach far outside our fortresses and strike the enemy while he is still on the move, COL. Williamson adds.
Ramping up for the botnet argument, COL. Williamson pointed to some recent events that underscore the vulnerabilities in the IT operations across the US and the globe. He mentions that multi-day DDOS attacks against CNN and Yahoo, or the ones against Estonia in 2007, cost tens of millions of dollars. He adds that a DDOS attack against a net-centric military could stop or delay any operation it intended.
To address this threat, The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources, COL. Williamson said. Lt. Chris Tollinger of the Air Force ISR Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find.
There is a lot of talk centering on the civilian sector. For example, how would a private company deal with the US Government knocking them offline? If the botnet is used in a strictly offensive manner, civilian computers may be attacked, but only if the enemy compels us, COL. Williamson said, but he did not explain the nature of the type of attacks that would cause such a response.
Generally, the U.S. military is not going to attack a U.S. private computer. Harm coming from one of those machines will first be treated as a crime, and military forces should stay out of the situation in accordance with the Posse Comitatus Act. However, Title 10 of the United States Code, Section 333, allows the president to order use of the military in the U.S. under tightly controlled conditions when civil authorities are overborne.
There is also the fact that political problems will surely arise should the botnet take off. COL. Williamson addressed this too, explaining that the commander in charge of the botnet would have to explain their actions and give out information as to why neutral or friendly countries were caught in a cross fire or outright attacked.
The fact there is public information surrounding the creation of an AF.MIL bot net means this is not open for debate; it is a reality, which is in the early stages of development. The paper points out that the US is in a cyber arms race ...and we are losing. Still some are worried about several fear factor types of scenarios.
We might kill someone in a hospital or shut down emergency services. False, says COL. Williamson, as there can be cyber "no strike" lists as in the real world. However, what is missing from his response is whether cyber defense or offence will have acceptable losses, where sometimes it's OK to remove a hospital if the enemy is hiding next to it. Likewise, if a cyber attack came from a medical network, and the threat was real, then it is possible it would be taken out.
Our enemies will know it was America that attacked them. To that, COL. Williamson says we want everyone to know it was the US Government. We want potential adversaries to know this capability works and will be used when needed. In fact, we should do live-fire demonstrations on the Internet against range targets so foreign SIGINT can observe. Of course, we should fire inert rounds so as to not give away secrets. (Note: I understand the point he makes here, but if I look at server logs and see nothing harmful, I likely would not notice the inert attack from his botnet. Steve)
The big question is, will it work? How well will this defend the cyber domain from future threats? How will they ultimately deploy it? If they used only military and government networks, then the coverage is rather small from a botnet score. This leads to reason that they would have to use private and corporate networks. Is this type of defense even feasible? Who will pay for it? They said they envision using older equipment that would normally be discarded, so some of the costs may be offset there, but there are other costs associated with this type of build out for a network.
This is a government project, so you may never know those answers. The question is, will they name the project Skynet? (If Hollywood can do it, so can we.)
Are they going to run Vista?
The Cyberspace Command, a US Air Force project designed to defend the cyber domain from threats, is alive and kicking with millions of dollars spent on PR and marketing.
Since it’s an Air Force project, they’ll call it “SkyNet”.
Binary Keyboard
My guess is that’s just the spending they can talk about. The rest probably is black as the inside of a lump of coal and dwarfs this spending. Also, where is NSA? Probably already involved up to their necks.
LOL... the NSA probably reads their internal email...
And yes, it’s very black and the tools are damn powerful. A buddy of mine is a security expert, works for a large electronic target, and goes to these ‘meetings’ where buncha guys in black suits come out and give a briefing on the latest threats. And he can’t tell anyone outside the security office anything.
Yea. Black. And *well* funded. And *powerful*. They make whole companies disappear (mostly those that make security tools).
Do you dare click on it. :)
They are taking over the lineage of an old friend.
Or as one of my old AF buddies said:
Step 1: Cut all connections to the blanking internet.
For all the money our gov. agencies will spend on these likely futile ventures, they could create a separate net with unique protocols.