Preparing for Cyberwar

Interesting article from The New York Times.

Because so many aspects of the American effort to develop cyberweapons and define their proper use remain classified, many of those officials declined to speak on the record. The White House declined several requests for interviews or to say whether Mr. Obama as a matter of policy supports or opposes the use of American cyberweapons.

The most exotic innovations under consideration would enable a Pentagon programmer to surreptitiously enter a computer server in Russia or China, for example, and destroy a "botnet" — a potentially destructive program that commandeers infected machines into a vast network that can be clandestinely controlled — before it could be unleashed in the United States.

Or American intelligence agencies could activate malicious code that is secretly embedded on computer chips when they are manufactured, enabling the United States to take command of an enemy's computers by remote control over the Internet. That, of course, is exactly the kind of attack officials fear could be launched on American targets, often through Chinese-made chips or computer servers.

So far, however, there are no broad authorizations for American forces to engage in cyberwar. The invasion of the Qaeda computer in Iraq several years ago and the covert activity in Iran were each individually authorized by Mr. Bush. When he issued a set of classified presidential orders in January 2008 to organize and improve America's online defenses, the administration could not agree on how to write the authorization.

I've written about cyberwar here.

Posted on April 30, 2009 at 2:18 PM • 20 Comments

Comments

old guyApril 30, 2009 3:59 PM

Why is it so impossible to point out the obivous and have something done about it? Why do we spend gazillions trying to defend systems on the Internet that shouldn't be on it?

Our brilliant leaders can be so disappointing.

Julian GallApril 30, 2009 4:18 PM

If it's possible to enter computers and destroy botnets, why doesn't someone do it and destroy all the botnets?

cdek421April 30, 2009 4:30 PM

@julian

Simply because in some countries it is illegal to enter/access a system without permission. It's typically covered under the local hacking/computer abuse/fraud acts and carries a hefty penalty. I wouldn't want to be looking at a 75,000 separate counts for bringing down that many zombie machines, even if it was just to clean them up.

periApril 30, 2009 6:37 PM

I don't think I have ever seen a situation in which I would think a backdoor is a good idea. I also doubt any DoD backdoors, hardware or software, will have a case made public so I doubt they will change my mind.

RoboticusApril 30, 2009 7:25 PM

"Or American intelligence agencies could activate malicious code that is secretly embedded on computer chips when they are manufactured, enabling the United States to take command of an enemy's computers by remote control over the Internet." Wouldn't other countries just not buy US computer products if there was even a slightly reasonable suspicion of such a backdoor? Certain loss of industry versus potential benefit for an 'Cyber War' doesn't seem like a good tradeoff. Now maybe some client software on every government owned machine to launch some kind of DDOS attack might be smarter, but it would probably be suprisingly easy to protect against.

NostromoMay 1, 2009 2:06 AM

@DaveC
"If anyone will be embedding trojans in hardware, it will be happening in the countries where virtually all hardware is made - in the Far East."
No, it will be done in the countries where the firmware is written. Of course, that is increasingly unlikely to be the US, but it is not necessarily the same as the country of manufacture.

SkepticMay 1, 2009 2:09 AM

@Roboticus
"Wouldn't other countries just not buy US computer products if there was even a slightly reasonable suspicion of such a backdoor?"
There already is a reasonable suspicion, and it amazes me that other governments buy hardware containing closed, US-written firmware.
Maybe I'm paranoid, but in today's world, the question to ask yourself is not, "Am I being paranoid?" but "Am I being paranoid enough?".

AguirreMay 1, 2009 5:22 AM

Child: "Daddy, What did You do in the Great Cyber War?"

Father: "I played offline."

BF SkinnerMay 1, 2009 6:09 AM

"US computer products" For firmware you mean Intel, HP, TI right? Those aren't necessarily "US". I believe it was the CEO of HP who said..."I don't ever have to hire another US citizen" he hated to say it but thought it was true. And didn't the CIA plant a back door into a SWISS encryption machine? (never confirmed I know)

A nations intelligence service could sneak an agent in to author firmware or influence the chip manufacture itself. ANY nations service...and, well, India's is among the best.

The federal government requires background screening on anyone with even basic access to their IT systems these days. What is being done for people with access to the "commondities" that are the pc's and servers?

In order to trust our systems we have to be able to trust the hardware, in order to trust the hardware we have to trust the manufacturers quality control, to trust their quality control we've got to test. (in the house that jack built.)

askme233May 1, 2009 8:03 AM

Anyone see the short, but to the point article in the latest Economist that points out the current wave of "cyberwar" stories in the mainstream press is really just a turf battle between NSA and DHS being played out?

What I love was how quickly and completely the Economist just dismisses the entire affair as propaganda and doesn't eveen for a second consider it a real issue.

We need journalists like that that call it when they see it and stop regurgitating a "press release" as news.

roger cumblethropeMay 2, 2009 7:10 PM

It's interesting that the article disregards the powerful contol the US already has over the internet - ICANN, Microsoft, Google, Yahoo, Adobe, Facebook, etc. There must be enough backdoors and exploits for both espionage purposes and to potentially cause havoc in any 'rogue' country.

I love the bit about the 'Qaeda computer in Iraq', is that from a Hollywood film or something?

danger_mouseMay 4, 2009 2:14 PM

If what you are all saying is fact and the US has all these back doors, then why did they panic about Iraq and go to war. surely the could have defused all the So called weapons of mass destruction, that they never actualy found

RickyMay 5, 2009 4:49 AM

In today, Cyber war is the biggest problem in the whole world. Our government need to create a organization or policies to prevent whole world from cyberwar. There are many terrorist organization, which is using cyber crime to terror attack.

AnonMay 13, 2009 2:44 PM

Sounds like another excuse to monitor and control the mass public. If the government even has ANY of these capabilities I am pretty sure they are using them already. This terrorist issue is a joke, stop the Order Threw Chaos bullshit.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..