Preventing Catastrophic Threats

"Recommendations to Prevent Catastrophic Threats." Federation of American Scientists, 9 November 2012. It's twelve specific sets of recommendations for twelve specific threats. See also this.

Posted on November 23, 2012 at 6:18 AM • 15 Comments

Comments

MateNovember 23, 2012 7:45 AM

A document on catastrophic threats... talking mostly about weapons, cyber-attacks and terrorists. Honestly, you shouldn't need Sandy to realize that one of the most potent threats to safety are natural disasters. A sad, sad story this paper.

Martin SchröderNovember 23, 2012 9:52 AM

Interesting that the most catastrophic thread (a meteor impact) is not featured, although preventing it would probably cost less than all other threads. And of course the risks of global warming are missing. And they are talking only about illicit small weapons. :-(

Clive RobinsonNovember 23, 2012 10:17 AM

Perhaps it is interesting that the more destructive natural threats are left of.

As has been pointed out we are now developing tools to enable us to prevent some of these threats.

But as I've pointed out in the past tools are agnostic to their use and can be used for the purely human notions of "good or bad".

Perhaps the writer diid not want to consider either the possability or what would happen if somebody used these emergant tools to actually generate the problems they were designed to solve ;-)

As has once been observed the human is the most dangerrous of creatures because he has learnt to change his environment, witthout thought for the consiquences.

Steven HooberNovember 23, 2012 10:48 AM

Skimmed the parts I am most familiar with, and meh.

Much FUD that uses bad stats. MANPADs are not a particularly serious threat, compared to anything else, and there is zero chance their ideas would be implemented, but at least they left out incentives.

Aside from the very valid additional threats above, and maybe what martin is referring to, how about improper or accidental use of weapons, up through nuclear devices, or accidental releases of chem-bio products in stockpiles? I say this not just based on the results being catastrophic but due to poor past and current security practices (bad storage, and didn't I hear the USAF circumvented the point of the PALs and they all had the same code?)

Michael LynnNovember 23, 2012 2:32 PM

Where do they find these academics who clearly know nothing about cyber attack/defense yet are always willing to go on record with recommendations pulled out of their ass.

Can someone please explain the theory behind using offensive cyber weapons to defend? How exactly can I use an exploit to "destroy an enemy's cyber capabilities". I get really tired of people assuming that cyber is exactly like traditional warfare and then giving out advice as if they knew what they were talking about.

Michael LynnNovember 23, 2012 2:48 PM

Did anyone else notice that the person who wrote the cyber article in this report is a political scientist and *NOT* a domain expert. Why are we listening to a political scientist on this? Why is a political scientist pretending to know what she's talking about here and giving advice on something she's not qualified in?

Jeff WuNovember 23, 2012 4:25 PM

I disagree with nearly all the criticism here.

Mate: What do you expect them to recommend for preventing Hurricane Sandy from happening? And it seems both less catastrophic and less preventable than the potential threat of bioterrorism?

Martin: Is meteor impact really more scary than nuclear/cyber/biological warfare. I think the answer is "no". I may be wrong, but this clearly requires some analysis beyond your claim.

If anything, I personally think the biggest risk (for a 100 year timeline) that has been neglected is AI risk, though I know many will disagree. And certainly, this is hard enough to reason about that it seems fine to neglect.

Michael Lynn: Why shouldn't a political scientist give advice? It's clear that the politics matters as much as the science, in preventing cyberterrorism, especially in terms of amount of leverage. To me, it seems like we should want progress of safe political thinking, relative to progress in technological thinking, not the other way around. And are you also going to criticize every scientist that votes? How dare they pretend to know what they're voting about.

It seems to me that more analysis should be done about various risks. This memo seems to take good steps, and I'm personally happy to see it.

Michael LynnNovember 23, 2012 5:32 PM

@Jeff Wu:
The problem is not that she's a poli-sci phd, it's that she appears to be totally ignorant about the topic in which she is giving advice.

Clive RobinsonNovember 23, 2012 8:14 PM

@ Ross,

I'm afraid this isn't up to the FAS's usual standards

I think that counts as the understatment of the week ;-)

Clive RobinsonNovember 24, 2012 1:24 AM

@ Michael Lynn,

Can someone please explain the theory behind using offensive cyber weapons to defend?

Yes, it's releativly simple from the limited military point of view.

First you need to realise that in conventional or cyber warfare considerations defense is considerably more expensive than a focused attack.

This is because of the issue of maintaining a large perimeter defence capable of delaying or stopping a potential enemies focused attack at all points.

Further a focused attack has the benifit of optimum efficiency from both the human and force multiplying resources, where as defence requires significant down time for rest, training and equipment maintanence cycles.

Thus a focused attack on key points in an enemies offensive capability reduces their ability to mount an attack of any form and is generaly known as a premptive strike (and is illegal under the rules of war for conventional warfare).

However though this is considerably less expensive than maintaining a suitable defensive capability, in conventional warfare it also usually stops the countries productive economic capabilities and provides a clear oportunity for other potential enemies to make an attack against your now weakend defences (This is what the US did with "Mr. Madison's War" of 1812 to what is now Canada when it was effectivly British Canadian territory and Britain was engaged in a significant European war against France and it's "petty tyrant" Napoleon).

Thus in conventional warfare a premptive strike is generaly only of use against a very much weaker or weakened potential opponent who is generally not actually a threat (hence the reason it's considered an illegal act).

As cyber-warfare is not regulated by any treaties, articles of war or other conventions currently, premptive strikes are much under consideration from the millitary outlook, especially as they can be conducted in a way that alows for the much loved politicaly "plausable deniability".

From a wider perspective than that of the military, defence costs are a significant drain on a countries economy and GDP. And from a certain political viewpoint these costs should be minimised as much as possible.

To remain as effective defence costs can only be reduced by having significant intelligence advantage over potential enemies. Which means in practice the savings are rather less than expected because effective intelligence costs are quite significant.

Importantly this intelligence advantage needs to be both in terms of having accurate and upto date intelligence on all potential enemies be they currently friend or foe, but also on denying all potential enemies accurate intelligence such that either, they gain no benifit from their intelligence activities or more preferably such that they will have an incorrect view of your defences such that they will believe your weak points to be strong, and hopefully that your strong points are weak such that any focused attack they perform will be against the strong points or a trap set out to gain numerical and tactical advantage.

Unfortunatly whilst this "Intelligence Advantage" sounds good in theory and as a sound bite for politicos in practice it does not work for conventional intelligence gathering to any significant advantage during what is in effect "peace time".

To see why you need to take a step outside the limited military and intelligence view and look at the nature of what is inside your peace time defensive perimeter...

In an open society your potential enemy can move fairly freely within the defensive perimeter and thus gather intelligence fairly easily, but importantly also be able to sufficiently cross check it to make your ability to mount deceptive intelligence operations difficult if not impossible.

Whilst a closed society alows deceptive intelligence operations to be mounted with some chance of success, the nature of a closed society reduces or prevents trade and other activites that are generaly needed for a strong economy that can afford a robust defensive capability (it was this that brought down the old CCCP / USSR in that the US could always out spend it).

Further you need to consider there is a considerable difference between conventional intelligence gathering and cyber intelligence gathering and it is important to understand a fundemental asspect of the difference between them when it comes to intelligence advantage as well as premptive strikes.

In the conventional intelligence setup you have two basic areas covered. Firstly technical intelligence gathering via Signals Intelligence (SIGINT) comprising Communications Intelligence (COMINT) and Electronic Inteligence (ELINT), Geographical and Image intelligence (GEOINT/IMINT), Technical inteligence (TECINT) and Measurment and Signiture inteligence (MASINT) all of which is usually carried out by regular military personel using military vessels/vehicals and satellites. Secondly civilian personel with jobs almost the equivalent of investagative journalists carrying out activities such as Open Source Intelligence (OSINT), Financiial Inteligence (FININT) and the messy face to face Human Intelligence (HUMINT) which usually involves "field duties" in foreign countries. The setup for this is generaly "intelligence officers"[1], "contractors"[2] and "agents"[3] as human resources and they may use technical resources of various kinds to augment their activities.

Cyber intelligence gathering is generaly not a job with "travel prospects" nor is it particularly high risk, as it is the job of deploying and operatimg "software agents" onto computers in the targets of interest from remote locations. As such the activity is currently called "APT" and the software agents "malware".

However there are a couple of less well known activites one of which is to employ contractors[2] for computers that are not remotly accessable, the other is supply chain poisoning [4]. It is the latter that is gaining quite a bit of interest of more recent times. However it is suspected that quite a bit of the former has happened but has been put down to just ordinary technology theft or burglary and in some cases arson.

Thus cyber-espionage is considerably different to conventional espionage in most respects and with a little forethought can be mitigated more easily simply by using proper air-gap techniques and reliable physical security.

However in not all cases do those preparing to make cyber-attacks take the care required to fully issolate the computerss the use to develop their offensive capability.

Which brings me to your second question,

How exactly can I use an exploit to "destroy an enemy's cyber capabilities".

If and only if you have sufficient cyber-intelligence and your potential enemy has not been carefull in their preperations then you could moount a premptive strike against those computers. However in practice it would achive little and thus be fairly irrelevant.

What would however not be irrelevant would be a fundemental attack on some asspect of their economy that either requires connectivity to function (say online banking) or due to connectivity is vulnerable to some kind of secondary effect, it is this we saw with stuxnet.

Prior to that I had worked out how to attack voting machines that are technicaly issolated or air-gapped systems but are vulnerable to "maintanence technicians" laptops which in turn are connected to the internet from time to time, thus providing a steping stone.

From many countries perspectives having a Democrat in the Whitehouse is a considerably better option than a Republican with War Hawks sitting on their shoulder...

[1] As a general rule the officers are citizens of your country who are employees of your government and when working abroad have diplomatic immunity, their job function is not that of "James Bond" but investagative journalists.

[2] Contractors are the intelligence equivalent of mercenaries and may be a citizen of any country, as such they are employed in a deniable fashion for specific tasks within a single operation and have no immunity or protection, their job function is often highly specialised as for instance burglars to either remove or copy information or place surveillance equipment.

[3] Agents are generaly citizens or residents of the country under observation as such they are considered by that country to be traitors and if caught will generaly be imprisoned for long terms or more simply executed, their job is simply to betray the confidence of their employers and country and turn over information for idealistic or monetary reasons, as such they are not trusted by their handlers who may well be "case officers" attached to the embassy.

[4] Supply Chain Poisoning happens simply because some time ago for reasons of cost savings many countries stoped trying to produce their own computer hardware and operating systems and instead buy comercial equipment, most of which is actually produced in part or fully in one or more foreign countries.

When it comes to telecommunications equipment the majority of the semiconductors are produced in the Far East either in part or totaly. This has caused conciderable concern just recently as the politicians have finally woken up to the implications of this (although the industry has been aware of it for over a quater of a century).

Put simply the hardware in systems can not be trusted because it's not possible to tell if remote kill or other functions have been added. One such concern is that routers in government or other sensitive networks might be releasing information via covert channels. Whilst no evidence of this has been produced publicaly [5] it has become a political issue used against a number of Chinese telecommunications equipment manufacturers.

[5] What the US Department of Defence has discovered is that they have been subject to the more ordinary criminal activity of "passing off" where substandard parts have been remarked as much more expensive specialy qualified parts and as such are likely to fail when used in challenging conditions.

[6]

conrad6November 25, 2012 1:18 PM

I broadly agree with all the criticism. This fatuous article wouldn't have been accepted to Scientific (ha!) American in its worst politicized editorial month.

nukey nukeDecember 4, 2012 11:21 PM

The most probable catastrophic nuke threat is a Fukushima type failure of one of the 104 aging nuke sites run by for profit cost cutting corporations.

Hurricane Sandy just about did that example in NJ.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..