[info] [IP] Re: Enemies at The Firewall

Mon Dec 24 10:19:18 UTC 2007

----- Forwarded message from David Farber <dave at farber.net> -----

From: David Farber <dave at farber.net>
Date: Sun, 23 Dec 2007 21:16:03 -0500
To: ip <ip at v2.listbox.com>
Subject: [IP] Re:    Enemies at The Firewall
X-Mailer: Apple Mail (2.915)
Reply-To: dave at farber.net

Begin forwarded message:

From: dewayne at warpspeed.com (Dewayne Hendricks)
Date: December 23, 2007 4:14:41 AM EST
To: Dewayne-Net Technology List <xyzzy at warpspeed.com>
Subject: [Dewayne-Net] re: Enemies at The Firewall

[Note:  This comment comes from reader Joe St. Sauver.  DLH]

From: Joe St Sauver <joe at oregon.uoregon.edu>
Date: December 22, 2007 11:34:10 AM PST
To: jfree at bbn.com, dewayne at warpspeed.com
Subject: RE: A liitle late but I just saw this...

Hi,

I happened to see your recent posting, and since I'm interested in the  
cyberwar issue (including having served as co-chair of the DOE "Human  
Factors" breakout group charged with considering cyberwar and cyber  
terrorism for the DOE Cyber Security Research Needs for Open Science  
meeting, see session 4 of http://cybersecurity.colostate.edu/ 
panels/ ). With that for context...

I'm not sure folks fully understand how strategic cyberwar might/will  
actually be waged. In my opinion, cyberwar will not rely primarily on  
malware-based attacks. :-; That process is too uncertain, too slow,  
too-readily thwarted and would have insufficient penetration or  
coverage.

So how might cyberwar happen? Let me give you three examples:

1) We are already experiencing a sort of cyberwar, although because it  
began gradually, and has become a chronic phenomenon, no one  
acknowledges the negative impact and damage it continually causes to  
our economy -- and that is spam. What a perfect attack eh? How much  
time is wasted filtering and deleting spam? How many business-critical  
messages get blocked or overlooked? How many resources are diverted  
from other potentially productive uses? What a great way of promoting  
illegal use of controlled substances, too, thereby helping to subvert  
the nation's war on drugs.

And yet, because this is an attack of a trillion mosquitos rather than  
a frontal attack by a roaring bear, we don't even acknowledge it as an  
attack, and there's no way to definitively tie this attack to a  
hostile government -- absolute deniability!

2) Tactical cyberwar would certainly include attacks against control  
systems; if you're interested you can see my take on this issue at 
http://www.uoregon.edu/~joe/scadaig/infraguard-scada.ppt (or .pdf)

3) Full-blown strategic cyberwar, worst case, would involve things  
like high altitude electromagnetic pulse-induced damage to terrestrial  
networks and power distribution grids, while simultaneously degrading  
or destroying non-radiation-hardened satellites aloft.

If you're interested, please also feel free to see my talk, "Planning  
for Certain High Risk Security Incidents," 
http://www.uoregon.edu/~joe/highrisk/high-risk.ppt (or .pdf) from the fall 
 2007 Internet2 Member Meeting in San Diego,  where I urge adoption of a 
program of hardening critical assets to  resist H-EMP.

Feel free to drop me a note if you have any questions,

Regards,

Joe St Sauver, Ph.D. (joe at oregon.uoregon.edu)
http://www.uoregon.edu/~joe/

-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE