funsec mailing list archives
Re: cyber-9/11
From: Jon Kibler <Jon.Kibler () aset com>
Date: Wed, 08 Apr 2009 04:09:57 -0400
Robert Graham wrote:
Begging the question, well documented where?
I was going to ask the same question.
Well, I don't consider this as "well documented" as I like (and as I told Gadi off list, I would have to track down the public information I consider well documented, as the links I had to it are now broken), but consider this from Fergie ("[funsec] Fwd: [ISN] Electricity Grid in U.S. Penetrated By Spies"): http://online.wsj.com/article/SB123914805204099085.html
I don't understand the question. The power critical infrastructure is no more vulnerable to cyberattack than it is to a physical attack, such as bombing selected power substations, or holding an engineer's family hostage while he flips the appropriate switch on a nuclear reactor. State actors or well-funded terrorist organizations do not like hacking. The reason is that the results are unreliable. They'd rather go the physical route and get the desired result in a predictable timeframe.
If China were to go to war against us, they would more likely bomb carefully selected power stations than hack in our systems. It's easier, and more assured of success. (Causing a power blackout either through hacking or bombing is equally an act of war).
Robert,

More to the point, maybe the real question should be, "Why would a State actor initiate a cyber attack instead of a physical attack?"

Well, the first reason that comes to mind is: Plausible Deniability. It is a heck of a lot easier to cover your tracks in a cyber attack than in a physical attack. It easily could be a lot harder to figure out where all those bits over the Internet are actually originating from (even ignoring botnets), than it would be to figure out where all the incoming missiles on the radar screen are coming from! (That is, it is much easier to forge packet headers than to change the fundamental laws of physics.)

Also, what if the objective is to cause disruption or distraction, and not to do actual permanent damage? As I gave in my example, if China wanted to attack Taiwan, but wanted to get an advantage to reduce the possibility of early U.S. intervention, what better tactic could they have than to launch a cyber attack against the U.S. that appeared to come from around the world? An attack that could disrupt power, communications, and possibly military operations?

Or (and this is the one that I am waiting for North Korea to do) launch an attack against our satellites, sending them bogus commands that send them out of control, causing loss of communications, GPS, reconnaissance, etc.?

I can see a lot of advantages to a State actor where a cyber attack has advantages over physical attacks. Even if the attacks were not 100% successful, disruption and distraction can give an enemy a strong advantage at a lower risk than a physical attack.

(If I wasn't basically brain dead from the worst virus I have had in over 25 years, I could probably think of even more reasons. But now that my fever is again down, it's back to bed.)

Jon
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC USA
o: 843-849-8214
c: 843-813-2924 (NEW!)
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler
My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253