Interesting People mailing list archives
Re: Enemies at The Firewall
From: David Farber <dave () farber net>
Date: Sun, 23 Dec 2007 21:16:03 -0500
Begin forwarded message: From: dewayne () warpspeed com (Dewayne Hendricks) Date: December 23, 2007 4:14:41 AM EST To: Dewayne-Net Technology List <xyzzy () warpspeed com> Subject: [Dewayne-Net] re: Enemies at The Firewall [Note: This comment comes from reader Joe St. Sauver. DLH] From: Joe St Sauver <joe () oregon uoregon edu> Date: December 22, 2007 11:34:10 AM PST To: jfree () bbn com, dewayne () warpspeed com Subject: RE: A liitle late but I just saw this... Hi,I happened to see your recent posting, and since I'm interested in the cyberwar issue (including having served as co-chair of the DOE "Human Factors" breakout group charged with considering cyberwar and cyber terrorism for the DOE Cyber Security Research Needs for Open Science meeting, see session 4 of http://cybersecurity.colostate.edu/ panels/ ). With that for context...
I'm not sure folks fully understand how strategic cyberwar might/will actually be waged. In my opinion, cyberwar will not rely primarily on malware-based attacks. :-; That process is too uncertain, too slow, too-readily thwarted and would have insufficient penetration or coverage.
So how might cyberwar happen? Let me give you three examples:1) We are already experiencing a sort of cyberwar, although because it began gradually, and has become a chronic phenomenon, no one acknowledges the negative impact and damage it continually causes to our economy -- and that is spam. What a perfect attack eh? How much time is wasted filtering and deleting spam? How many business-critical messages get blocked or overlooked? How many resources are diverted from other potentially productive uses? What a great way of promoting illegal use of controlled substances, too, thereby helping to subvert the nation's war on drugs.
And yet, because this is an attack of a trillion mosquitos rather than a frontal attack by a roaring bear, we don't even acknowledge it as an attack, and there's no way to definitively tie this attack to a hostile government -- absolute deniability!
2) Tactical cyberwar would certainly include attacks against control systems; if you're interested you can see my take on this issue at http://www.uoregon.edu/~joe/scadaig/infraguard-scada.ppt (or .pdf)
3) Full-blown strategic cyberwar, worst case, would involve things like high altitude electromagnetic pulse-induced damage to terrestrial networks and power distribution grids, while simultaneously degrading or destroying non-radiation-hardened satellites aloft.
If you're interested, please also feel free to see my talk, "Planning for Certain High Risk Security Incidents," http://www.uoregon.edu/~joe/highrisk/high-risk.ppt (or .pdf) from the fall 2007 Internet2 Member Meeting in San Diego, where I urge adoption of a program of hardening critical assets to resist H-EMP.
Feel free to drop me a note if you have any questions, Regards, Joe St Sauver, Ph.D. (joe () oregon uoregon edu) http://www.uoregon.edu/~joe/ ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- Enemies at The Firewall David Farber (Dec 22)
- <Possible follow-ups>
- Re: Enemies at The Firewall David Farber (Dec 23)