The Patriot Files Forums  

Go Back   The Patriot Files Forums > Warfare > Cyber

Post New Thread  Reply
 
Thread Tools Display Modes
  #1  
Old 05-15-2008, 05:16 AM
David's Avatar
David David is offline
Administrator
 

Join Date: Aug 2001
Posts: 46,798
Distinctions
Special Projects VOM Staff Contributor 
Default Colonel suggests using hackers' tool against them

AP


SAN JOSE, Calif. - Hackers often harness the combined power of thousands of virus-infected personal computers to pump out spam e-mail or disable targeted servers by overwhelming them with Internet traffic.

Now an Air Force colonel is suggesting the U.S. military build its own "botnet," or network of remotely controlled computers, to be ready to attack the computer networks of foreign enemies.

The proposal Col. Charles Williamson III outlined in the May edition of the Armed Forces Journal highlights the creative cyberwarfare strategies being hashed out by the military as hackers abroad step up their attacks on U.S. government computer networks and others around the world.

"The days of the fortress are gone, even in cyberspace," wrote Williamson, staff judge advocate for Air Force Intelligence in the Surveillance and Reconnaissance Agency at Lackland Air Force Base in Texas. "While America must harden itself in cyberspace, we cannot afford to let adversaries maneuver in that domain uncontested."

The government wouldn't build its botnet by infecting innocent people's computers like criminal hackers, Williamson wrote. Instead, the military could use PCs it was going to throw away. And it could expand that botnet's computing horsepower by implanting its code on other government computers.

Williamson's commentary has ignited a debate in the computer security community about the wisdom of building a military botnet — and the government's ability to control it. The tactic he suggests is called a distributed denial-of-service, or DDoS, attack.

It's what was used last year by hackers in a three-week assault that crippled government and corporate computer networks in the small Baltic nation of Estonia, which is highly computer-savvy.

It's frequently used by organized criminals to extort Web site owners, who end up paying up to keep their sites online, and by botnet operators to disrupt rivals.

Alan Paller, director of research for the SANS Institute, which operates the Internet Storm Center, an early warning system for computer attacks, said it would be easier for the military to lean on Internet providers to shut off traffic from hostile computers than to adopt the "carpet bombing" approach Williamson advocates.

"To me it's a silly solution to a problem that has much simpler solutions," he said in an interview. "What's wrong with it is that it's not instantaneous, it's not precise and it's not entirely effective. There are defenses you can set up against it — whereas using a precision weapon, like working with the network guys, is pretty wonderful."

Some security experts, however, said a military botnet could help strengthen the United States' cyber defenses, and that it seems like a reasonable idea, provided the government owns the computers it's using.

Williamson concedes that one risk of a military botnet is that it could mistakenly return fire at the wrong computers — even those within a government network — if hackers successfully disguise their attacking computers through a process called Internet Protocol spoofing.

Hackers routinely launch attacks from computers in different countries from where they are physically so it's often difficult to determine where the offensives are coming from.

Williamson said the U.S. needs to develop better tools to detect incoming threats on the Internet and determine the true origin of attacks.

One of the thorniest issues the military would face is how to respond if the source of an attack turned out to be compromised computers within the U.S. or a friendly nation.

The military wouldn't be allowed to attack privately owned computers in the U.S. without an order from the president, so those incidents would have to be handled by law enforcement as a criminal matter, Williamson said. And the governments of countries friendly to the U.S. would have to cooperate to shut down marauding computers there.

"The biggest challenge will be political," he wrote. "How does the U.S. explain to its best friends that we had to shut down their computers? The best remedy for this is prevention."

Williamson, reached late Wednesday, said he couldn't comment beyond the opinion piece, under a request from the Air Force's public affairs office.
sendpm.gif Reply With Quote
Sponsored Links
  #2  
Old 08-11-2008, 02:46 PM
Waffa's Avatar
Waffa Waffa is offline
Junior Member
 

Join Date: Aug 2008
Location: Web Wide World
Posts: 26
Default

Quote:
Originally Posted by David View Post
AP

It's what was used last year by hackers in a three-week assault that crippled government and corporate computer networks in the small Baltic nation of Estonia, which is highly computer-savvy.
.

Hello from Estonia here

Jes, this cyber attack was nice & caused a lot of financial loses (more then 10-20s millions they did by looting Estonia streets – youtubest search “Tallinn riot” or “blonze soldier”) but in the end it was good. Estonia internal network was pretty ok & people in estonia even did not understand the big problem, except some banks was offline & some users internet was disrupted. But we was unable to send data out from Estonia or receive news from outside world as we did before.
This was attack was good for Estonia in the end because
1) our networks are more secure now then before
2) it was good training & study operation for Estonians and also for Nato later on
3) Nato is considering to build hes Cyber defense center to Estonia now after they see Estonians wonderful work
4) all this actually made people more know about Estonia russian problem, when they was looting Estonia streets whit Nashi members no one cared
5) world did understand more about cyber terror and cyber war after these news was going around : estonia-russia.tk (but they do similar things in Georgia now).
Now there is clear proofs that Russia did not just use their own botnet and hackers but they also both some Chinese botnets for 3-4 days, after payment ended the mayor attack ended.


Hackers are part of future wars & 100% they are part for information collection & manipulating & disrupting. But to build Military Botnet for DDOS attacks is not the brightest idea in world. Like they did say themselves: hackers use OTHER people computers for attack or just hide their IPs. There might be other uses for this botnet, but doss against doss…
__________________
It's nice to be important, but it's more important to be nice! :)
sendpm.gif Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Good Hackers? HARDCORE General Posts 3 12-31-2004 12:53 PM
Dan Rather Suggests Bush Is Manipulating The Media? MORTARDUDE Political Debate 0 07-06-2004 12:39 AM
New tool,... SEATJERKER General Posts 14 06-25-2004 10:46 AM
DoD panel suggests multiservice peace units thedrifter Marines 0 12-11-2003 06:34 AM
Hackers Steal 13,000 Credit Card Numbers Navy Says No Fraud Has Been Noticed thedrifter Marines 2 08-23-2003 11:57 AM

All times are GMT -7. The time now is 12:50 AM.


Powered by vBulletin, Jelsoft Enterprises Ltd.