The nation’s top spy, Michael McConnell, Director of National Intelligence, thinks the threat of cyberarmageddon! is so great that the U.S. government should have unfettered and warrantless access to U.S. citizens’ Google search histories, private e-mails and file transfers, in order to spot the cyberterrorists in our midst.
Like DNI, many believe we are either in the early stages of a cyber arms race or a global cyber war. Given the number of attacks we have seen this year, it would be difficult to argue with either statement. If indeed we are headed into a global cyber conflict, what would be the implications for the United States?
A cyber conflict differs greatly from what we typically associate with a war. There are no bombs bursting or gun fire. It is a silent conflict that is hard to notice until you try an electronic transaction. When we evaluate the progress of a war today we measure death and physical destruction. While there can be minor physical destruction in a cyber war, the political economic and financial implications are the primary measures of success.
The political fallout of a cyber attack will certainly be high, but this will pale in comparison to the financial and economic implication. The results of research on this topic conducted by Spy-Ops are listed below.
Physical Impact 1.2 Very Limited
Social Impact 4.3 Very High
Political Impact 4.0 High
Financial Impact 4.3 Very High
The financial and economic impact of a one day cyber war that disrupts U.S. credit and debit card transactions is estimated at being about $35 billion USD.
The United States is one of, if not the country most dependent on computers. Computers control our financial system, the traffic on streets, rail and in the air, and have become an integral part of our every day lives. In an all out cyber assault against the United States, the financial and economic, social and political implications could be greater that that felt by the 9/11 terrorist attacks.
– Kevin Coleman
{ 31 comments… read them below or add one }
And what is the “social impact” of spying on US citizens. I thought this crap was supposed to end with the fall of Communism. The East Germans were pretty good at spying on an entire country, maybe there are some still around to lend their expertise to the “problem”.
From a financial point of view:
I am a small business owner. I use my computer to:
Buy stamps, buy packaging material, balance the books, take payments, give payments, check bank information, do bank transactions, research products, advertise products (website), find customers…and on and on.
The internet and all of the software that has evolved allows me to be competitive with the big guys and build my company.
It allows me to work 15 hours a day to make it happen….
If the internet was unavailable I could still work and use the old “internet” (the phone) to conduct business.
But it would slow me down, and my business is not internet dependant. Many businesses are….
So the threat is real. But as far as giving my privacy away to the NSA or DNI, no thanks.
Power like that must be out in the open for oversight by our elected representatives.
Our elected representatives do not have the time to babysit the NSA to make sure they are not abusing this “oversight” power.
I would rather have someone disrupt our system, and then have us fix it and figure out who it was, than give a Federal Agency all that power.
Even if we did give them the power, it still will probably happen…..
Let
utterly ridiculous. more fearmongering. more than likely they are doing it anyway, they simply want license to do it.
@ C,
From you earlier posts I do believe you have some knowledge of computer networks… My goodness, man! (Or: woman!) Honestly, (at least) 60% of all wireless routers is unsufficiently protected, a lot of people wouldn’t know a firewall if it popped up and bit them in the nether regions.
OK, so, let’s say, Russia decides to show off and prove it’s still a superpower (Thank you mr. Putin). It attacks US networks, and because there is no physical danger, the threat of acual war is small.
These people know their stuff. AV software always needs a little while to get updated to find new virusses, and in that time (about ten to forty days) a zombie virus could bring a lot of nuisance. Not explosions, but a lot of angry people rattling cages. And in my book, that’s a weapon too.
good night,
Pharsalus
I truly fear for our country if we continue to get people like this in any position of power. It seems like an excuse to treat every citizen as a criminal. or security threat. Who protects us from these guys?
i’m sorry Mr. Coleman, but i think you’re playing into the fear. i know a number of security managers and they are all a bit paranoid (for good reason, it makes them good at their jobs)
i’m not taking issue at the fact that the network is inherently insecure. i’m taking issue at the fact that yet again theres a director citing some gloomy threat to push their agenda for national electronic surveillance of the citizenship.
of course there’s nothing currently able to handle that volume of work. however there is the possibility of there being a clear and legal manner in which an intelligence agency can spy on it’s constituency. the real answer to this problem is to promote increased security on the network, citing lazy managers and admins that oversee insecure networks, and fund research into new and better next-gen architecture that can help prevent an attack even by 30,000 “cyber” warriors.
i hate to say it but much of the blame lays on those in your cadre of executives who laid the foundation of the network. yes hindsight is 20/20 but there’s quite a steep learning curve that needs to happen when you’re developing protocols and transmission technology that would inevitably drive an industrialized economy. this HAD to have been foreseen!
Kevin,
Your estimate of 80,000 is very close, but remember, those are attempts. Every IP address in the world gets probed daily, my honeypot more than most. The DoD has many IP addresses, including entire reserved network ranges.
Further, there were only 1300 intrusions out of that 80,000 attempted intrusions. The Pentagon uses more than 5 million computers on 100,000+ networks in 65 countries, and believe it or not some do not have the most sophisticated security on the public side, although with lower security becomes lower capability for internal network access.
Do the math.
1,300 successful intrusions / 5,000,000 total systems = .02% of DoD systems That is two one hundredths of one percent of all DoD systems were successfully penetrated. Some of the best hacker networks in the world spend everyday all day trying, and yet some of the successful intrusions were multi-million dollar physical access spy intrusions conducted by contractors or even military personal with inside access. DoD systems have encryption and built in security beyond what you buy from Dell, so keep in mind intrusion doesn’t even guarantee theft of data.
Every large corporation and government on the planet wishes they had such a successful record.
Be careful not to buy the hype. There are better strategies, example IPv6 addressing will offer an opportunity to better secure the national perimeter at the exchange or ISP network level. I can think of 10 other upcoming opportunities that the internet evolution will provide over the next decade, and none of them require the NSA or DoD to spy on you or me.
Kevin one final thought.
I absolutely agree the internet is an excellent medium for conflict, for many it already is a medium for conflict.
#5 ignores the US private sector that does the same thing for the US based on existing support contracts.
#6 is not accurate, routed through US networks isn’t the same as source and destination, data on a US network intended for destinations outside the US is easily filtered. Data from Asia to Spain simply on our transport isn’t the same as sourced or destined for a US network, and is open game for inspection by the US under current law.
I’m not downplaying the potential, simply disagreeing with Michael McConnell regarding the best approach.
utterly ridiculous. more fearmongering. more than likely they are doing it anyway, they simply want license to do it.
utterly ridiculous. more fearmongering. more than likely they are doing it anyway, they simply want license to do it.
OK Guys, take a deep breath. The FBI just had its phones diconnected. Enough said on domestic serveillance.
RESPONSE TO
6 is not accurate, routed through US networks isn’t the same as source and destination, data on a US network intended for destinations outside the US is easily filtered. Data from Asia to Spain simply on our transport isn’t the same as sourced or destined for a US network, and is open game for inspection by the US under current law.
If the transaction flows across the U.S. Backbone and is sourced and the destination is outside the US, our law enforcement and intelligence services MUST get a FISA court to approve the surveillance on the US Backbone. (The FISA court just ruled on a similar case a few weeks ago) I already checked this with the legal eagles down in DC I worked with on the PRIVACY side for my testimony before Congress.
This is a clear indicator how our laws failed to keep up with the evolution of Technology.
PS
Spy-Ops, a company I work with has a great diagram of such a transaction and all the laws that protect the snoop and peek on this data. I am trying to get a copy of it and If I do I will get it posted on here.
Oh God, I just love some of you morons. You spent all that money on going to college and didn’t learn a damn thing. See, I didn’t go to college, but, at least I can see the BS from our governemt and media. How come when East Germany fell and they went into the secret police records and everyone was appalled by the amount they spied on their citizen’s perso nal lives. But in this country you just babble about China, terrorists, or the boogeyman and everyone is all for it.
Oh and I’ve been saving this little tidbit for a while now. We already had a war with China. Guess what folks, we lost. Remember, these are the same people who wrote the book on war. They said the best war is one won without fighting. Now that we don’t actually manufacture anything anymore, we’ve lost what’s called an economic war. Come on say it with me, economic. All the F22′s in the world can’t stop it, but, I’m glad all of you enjoy saving so much shopping at Wal-Mart. But, don’t worry we have a plan, we’ll just assume any US citizen is automatically a criminal until proven innocent, that will show them. Oh you needn’t worry about regime change here, we’ve got electronic, non-papertrail voting, so everything will go according to plan.
steve, you do realize that there is a lot more to a countries economy outside of cheap manufactured goods right? 78.2% of the US’s GDP is generated by the service sector, while a mere 20.9% from the manufacturing industry (https://www.cia.gov/library/publications/the-world-factbook/geos/us.html#Econ). While there’s little doubt that China is headed to be the world’s largest economy, they aren’t there yet so that war isn’t over.
However, I think the stated threat of the article is greatly exaggerated. A cyber attack on any country would come via the Internet, so only services that are available on the Internet would be effected. This like credit card transactions, traffic lights, etc either sit on their own private network or through the phone. While e-commerce is huge, an attack that would take out Internet services would effect the whole world but is pretty hard to do.
Send the spy ops data. I have some newer data on the estonia trials pending on cybergeddon, beyond the McConnell praises on domestic versus foreign spying. I would post an article on the website on this, but anonymity is key here for OPSEC purposes. Fwd Noah Schactmann on this article. to:Wired Danger Room. Horahh CI! Go Robots!
http://www.washingtonpost.com/wp-dyn/content/article/2008/01/17/AR2008011700041.html?wpisrc=newsletter&wpisrc=newsletter
Don’t fool yourselves. Something is brewing in China. I was only partially right in a comment I made in May 07 regarding China/US relations. I believe the people of China want to improve US relations, but the government does not. As demonstrated Nov 07 when China prevented the US Navy Kitty Hawk task force from docking in Hong Kong to celebrate Thanksgiving with their families and then the pursuit and showdown by the Chinese Navy in the Taiwan Strait of the same Naval Fleet. This action demonstrates China’s government is not a friend of the US nor do they have any plans to be. With military Generals in civilian government leadership positions, there is no civilian oversight of the Chinese military or China’s international affairs. This puts them out of touch with the people of China and their will for peace. This is a very dangerous situation. Is space our next “Pearl Harbor”. A premptive strike on US intelligence/communication/navigation assets? Based on current information, I believe that the Chinese are positioning themselves for just this situation. The question is when.
Kevin said, “This is a clear indicator how our laws failed to keep up with the evolution of Technology.”
I recognized that type of data transfer would be allowed under FISA but I completely missed what that meant in regards to collection. Your comment is right on.
Still doesn’t mean the DoD needs to go as far as Michael McConnell is suggesting.
I just want to applaud everyone who has commented on this series of articles. We have seen great points, great thoughts, great exchange of view. While we all do not agree with everything everyone has posted, the open exchanges do noting more than to make all of us more informed. I look forward to continuing this series. We have access to a significant network of contacts and allot of data. In any of you have any related topics you would like me to explore, please feel free to let me know. Again I want to thank everyone for their participation.
Given the CIA’s disclosure look at the action FERC took yesterday.
The Federal Energy Regulatory Commission (FERC) yesterday approved a final set of security standards designed to protect the US electric grid against a cyber attack.
The eight security standards include:
* Critical cyber asset identification
* Security management controls
* Personnel and training
* Electronic security perimeters
* Physical security of critical cyber assets
* System security management
* Incident reporting and response planning
* Recovery plans for critical cyber assets
I will stop short of saying I told you so to all the skeptics out there!
The capabilities and threats for war exist (that’s obvious) and all agree. Remember that this is the internet which allows ‘free’ and ‘borderless’ flow of information. So how can we assume that this ‘free and borderless’ channel will be available for two parties to engage in lobbing data bombs at each other.
This is bound to be covert and may already be happening. Get your trojans in place ready for the command, and in the meanwhile keep monitoring (spying ?) everyone.
The spotlight is on China and Russia since they seem to be building a track record of malicious activities, but can we discount any small state ? After all you do not need to build factories or test missiles (all visible signs of threat development), because for this type of war you need a dedicated band of geeks and a lot of megalomania. Or some idiot script kiddie who flips the nuclear switch, just for kicks.
I agree with Kevin: “This is a clear indicator how our laws failed to keep up with the evolution of Technology”. I am doing cyberterrorism for a research project, if anyone has more information to offer, please contact me.
???? ??? ??? ????? ????? ??? ???? ???????? ???????? ??? ??? ?? ??? ?????? ?? ???? ?????? ??? ???? ????? ??????? ????? ?????
??? ?????? ,,,,,
??????
You wellness
thank you
My Site:
?- – – -
- ?-
?- -
- ?-
? – - ?-
- – ?- – -? – – – -? – ?- – – – – – – ?- ?-
?- -? – – – ? – – – – – – – – – – – – ?- ? – – – – ? – ? – – – ? – ? ? – – – – - – ? – -? – -? – -? -? -? -? ?-? -? ? – -
?- -? ? – -? -Mms – -? – – 2008 -? -? -? – – – – – – – – – – – – – -? -? – – – ? – ? – ? – ? – – -? -? – – – – - ?
thank you
My Site:
???????-???-?????-?????-???
?????-????? ??????-???
????-????? ?????-???
?????-????? ??????-???
??? ????-???-???????-?????
??????-???-???????-?????-?????-??? ????-???? ???????-????? ????? -????? ????? -??? ???? -???????-?????-?????-?????-????? -????? ???? -?????????-????? ??????-????? ??????-
????-????? -??? ???? -??? -????? -??????? -????? -????? -????? -????? -????? ???? -????? ????? -????? ???? -????? ???? -????? ???? -????? ????? -????? ??????? -????? ???-????? ?????? -????? ????? -????? ????? -????? ????? -????? ?????? -????? ??? ????? -????? ??????? -????? ???? -????? ??? ????? -????? ????? ????? ?????????? -??? -?????-????? -???-?????-????? ??? -????? -??? ????? -????? ????? -??? ???? -????? ???? -??? ???? -??? ????????-??? ?? -??? ??????-??? ???? -??? ?????? -????? ?? -???
????-????? ????? -??? ?????? -????? ????? -??? ?? ??? -Mms -????? ?? -??? ???? -????? ???? ????? -????? 2008 -??? ????? -??? ???? -??? ???? -????? ????? -??? -????? -??? -????? -??? -?????? -????? -????? ????? -????? ???? -????? -?????? -????? -??? ????? -??? ?????-??????-???? ????-???? -????? ??? -??????? -?????????? -?????? -?????? -??? ???? -??? ?????-????? -??? -????? -???-????? ???
thank you
My Site:
? -
-
? – - ?-
- – ?- – -? – – – -? – ?- – – – – – – ?- ?-
?- -? – – – ? – – – – – – – – – – – – ?- ? – – – – ? – ? – – – ? – ? ? – – – – - – ? – -? – -? – -? -? -? -? ?-? -? ? – -
?- -? ? – -? -Mms
-? – – 2008 -? -? -? – – – – – – – – – – – – – -? -? – – – ? – ? – ? – ? – – -? -? – – – – - ?
thank you
My Site:
??????? -
????? -
??? ????-???-???????-?????
??????-???-???????-?????-?????-??? ????-???? ???????-????? ????? -????? ????? -??? ???? -???????-?????-?????-?????-????? -????? ???? -?????????-????? ??????-????? ??????-
????-????? -??? ???? -??? -????? -??????? -????? -????? -????? -????? -????? ???? -????? ????? -????? ???? -????? ???? -????? ???? -????? ????? -????? ??????? -????? ???-????? ?????? -????? ????? -????? ????? -????? ????? -????? ?????? -????? ??? ????? -????? ??????? -????? ???? -????? ??? ????? -????? ????? ????? ?????????? -??? -?????-????? -???-?????-????? ??? -????? -??? ????? -????? ????? -??? ???? -????? ???? -??? ???? -??? ????????-??? ?? -??? ??????-??? ???? -??? ?????? -????? ?? -???
????-????? ????? -??? ?????? -????? ????? -??? ?? ??? -Mms
????? ?? -??? ???? -????? ???? ????? -????? 2008 -??? ????? -??? ???? -??? ???? -????? ????? -??? -????? -??? -????? -??? -?????? -????? -????? ????? -????? ???? -????? -?????? -????? -??? ????? -??? ?????-??????-???? ????-???? -????? ??? -??????? -?????????? -?????? -?????? -??? ???? -??? ?????-????? -??? -????? -???-????? ???
Look at everything everyone has a different attitude, I treat this game has its own state of mind.
Other players to me how, I will to them how. They send me Hellgate London Palladium, I will send them too. Also played for a long time was not just playing games to one point as a trivial matter to angry. What I will take the short view, too many games like the reality of right and wrong as the real and practical.
i dont know how to write the url and the email address
Thank you for this article really a big help for everyone.
Thank you for this article really a big help for everyone.