Home of the Guides to (mostly) Harmless Hacking Brought to you by... The website computer criminals don't want you to read!

The Cyberwarriors

Who they are, and how to become one


A History of Cyberwar, continued...

Just over the last three years, cyberwar has escalated from a seemingly theoretical threat to an urgent concern. On Nov. 1, 2006, Richard Power of GS3 Intelligence warned a group of technology leaders that “Now there is an unprecedented convergence of threats.” One of the worst, he said, was organized denial of service attacks by botnets, which are centrally controlled networks of covertly recruited attack computers. “Six or seven thousand organizations are paying off cyberspace extortionists,” said Power, in order to keep them from being run offline by botnet attacks.

A few days after Power’s warning, the U.S. Naval War College discovered that Chinese hackers had infiltrated their network. Said one U.S. official, this "is where the Navy's Strategic Studies Group is planning and practicing cyber-war techniques, and now they don't even have e-mail access." Shortly thereafter, the National Defense University in Washington, DC discovered that it, too, had been penetrated by foreign cyberwarriors.

Organized crime syndicates are also waging their own versions of cyberwarfare. Vint Cerf, one of the fathers of the Internet and a vice president of Google, recently said that one quarter of all computers with online connections are secretly controlled by crime syndicates. Even this may be an underestimate. Prof. Sanjay Goel of the New York State Center for Information Forensics and Assurance recently discovered a university where 70% of the computers had been recruited into botnets.

Perhaps most famously, in late April of 2007, cyberwar broke out as a protest against the Estonian government moving a memorial statue honoring Soviet World War II war dead from the central square of its capital city, Tallinn, to a cemetery on its outskirts. Cyber attacks coincided with riots in Tallinn, leaving one dead, hundreds injured, and over a thousand arrested. The Russian parliament demanded the resignation of the Estonian government and Russian Railways canceled passenger routes between St. Petersburg and Tallinn. Meanwhile, distributed denial-of-service (DDoS) attacks drove offline the computers of all Estonian governmental offices and many major businesses.

Estonia is one of the world’s most cyber-savvy nations, and its sysadmins soon blocked the sources of the DDoS attacks, which they said originated within Russia. In the aftermath, the Russian government denied responsibility. Many commentators said it was just a cyber riot conducted by patriotic Russian hackers.

This was not the first time that a nation may have waged cyberwar under the guise of hackers acting on their own. Indeed, this deniability factor complicates defense. If it is impossible to prove what organization is responsible, then neither retaliation nor deterrence may be feasible. In most cases the defenders must settle for blocking the channels of the attacks, or taking out the attacking computers, regardless of whether they are owned by the attackers (unlikely) or by naïve bystanders (typical).

In partial response to this, the Washington Post announced in January 2008 that President Bush had signed National Security and Homeland Security Directives to authorize the Office of the Director of National Intelligence to lead a task force to identify the “source of cyber-attacks against government computer systems…aimed at securing the government's computer systems against attacks by foreign adversaries and other intruders.” While this directive does not include language covering commercial, academic and private computers and networks, it is increasingly clear that the US Government is taking these threats very seriously.

Clearly, these emerging threats won’t be halted by arresting hackers. Even in cases of extortion by organized crime, the threat has escalated far past anything the FBI alone could quell. According to a Nov. 30, 2007, Wall St. Journal story, “Arresting the guy who writes the code… is the equivalent of arresting the Mob foot soldier. He’s replaceable and removing him won’t make a dent in the overall organization…. the people who write the software and build these botnets are so commonplace that the price to rent a botnet network has dropped to about 5 cents per computer per week.”

That’s why Dr. Andrew Jones, head of security technology research for British Telecom, warns that the tactics of cyberwar are essential even for non-military organizations. “Responses need to become more offense-based. New models may need to be ‘shoot first, ask questions later’ when suspicious activity is detected.” True, this raises legal and diplomatic issues, but this is where today’s defenders are heading.

To be continued later, sorry.


       © 2013 Carolyn Meinel