Re: Enemies at The Firewall

[David Farber <dave () farber net>]

Begin forwarded message:

From: dewayne () warpspeed com (Dewayne Hendricks)
Date: December 23, 2007 4:14:41 AM EST
To: Dewayne-Net Technology List <xyzzy () warpspeed com>
Subject: [Dewayne-Net] re: Enemies at The Firewall

[Note:  This comment comes from reader Joe St. Sauver.  DLH]

From: Joe St Sauver <joe () oregon uoregon edu>
Date: December 22, 2007 11:34:10 AM PST
To: jfree () bbn com, dewayne () warpspeed com
Subject: RE: A liitle late but I just saw this...

Hi,

I happened to see your recent posting, and since I'm interested in the  
cyberwar issue (including having served as co-chair of the DOE "Human  
Factors" breakout group charged with considering cyberwar and cyber  
terrorism for the DOE Cyber Security Research Needs for Open Science  
meeting, see session 4 of http://cybersecurity.colostate.edu/ 
panels/ ). With that for context...

I'm not sure folks fully understand how strategic cyberwar might/will  
actually be waged. In my opinion, cyberwar will not rely primarily on  
malware-based attacks. :-; That process is too uncertain, too slow,  
too-readily thwarted and would have insufficient penetration or  
coverage.

So how might cyberwar happen? Let me give you three examples:

1) We are already experiencing a sort of cyberwar, although because it  
began gradually, and has become a chronic phenomenon, no one  
acknowledges the negative impact and damage it continually causes to  
our economy -- and that is spam. What a perfect attack eh? How much  
time is wasted filtering and deleting spam? How many business-critical  
messages get blocked or overlooked? How many resources are diverted  
from other potentially productive uses? What a great way of promoting  
illegal use of controlled substances, too, thereby helping to subvert  
the nation's war on drugs.

And yet, because this is an attack of a trillion mosquitos rather than  
a frontal attack by a roaring bear, we don't even acknowledge it as an  
attack, and there's no way to definitively tie this attack to a  
hostile government -- absolute deniability!

2) Tactical cyberwar would certainly include attacks against control  
systems; if you're interested you can see my take on this issue at http://www.uoregon.edu/~joe/scadaig/infraguard-scada.ppt 
 (or .pdf)

3) Full-blown strategic cyberwar, worst case, would involve things  
like high altitude electromagnetic pulse-induced damage to terrestrial  
networks and power distribution grids, while simultaneously degrading  
or destroying non-radiation-hardened satellites aloft.

If you're interested, please also feel free to see my talk, "Planning  
for Certain High Risk Security Incidents," http://www.uoregon.edu/~joe/highrisk/high-risk.ppt 
 (or .pdf) from the fall 2007 Internet2 Member Meeting in San Diego,  
where I urge adoption of a program of hardening critical assets to  
resist H-EMP.

Feel free to drop me a note if you have any questions,

Regards,

Joe St Sauver, Ph.D. (joe () oregon uoregon edu)
http://www.uoregon.edu/~joe/



-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com