The U.S. Air Force announced it plans to construct a large botnet. The term Botnet is jargon for a collection of software robots, referred to as bots, that take over and run autonomously or by remote control on infected computers. These bots present a serious security threat to the computer owner. Cyber militaries and hackers leverage the combined power of hundreds of thousands or even hundreds of millions of computers that have been compromised to pump out spam e-mail or disable targeted servers by overwhelming them with Internet traffic.
There are over 100 million computers that have been compromised and are now part of botnets. The largest botnet is thought to owned and operated by the RBN — Russian Business Network. They lease capacity of their botnet for spamming and other more sinister purposes. The second largest botnet is owned and operated by the Chinese military. The estimated size of their botnet is put at 85 million and growing fast.
Military Applications
Espionage — collecting information from the network of computers that have been infected with the malicious code. Collecting keystroke information that contains log-ins, IDs and sensitive information or actually capturing screen shots of what the user is doing.
DDoS — the network of computers can be remotely commanded to start flooding a target system with transaction, overwhelming it until it shuts down
A bit late to the game, the U.S. Air Force has to rapidly construct their botnet. In the May edition of the Armed Forces Journal, Col. Charles Williamson III outlined the cyber warfare strategy being hashed out by the U.S. military. There are reports that the plan calls for using the publics computers to create this offensive cyber weapon. There is no question in the minds of many who are working in the cyber warfare field that the U.S. must create cyber weapons and that a botnet is just one of the many that need to be in our arsenal. But the devil is in the details!
{ 9 comments… read them below or add one }
Right to the point and not holding back any punches – that is the Kevin we have all come to admire and respect!
I’m not sure the Air Force has announced it’s plan or just LCol Williamson. A brief and interesting response is here. http://tinyurl.com/67vgcw
Another good link
http://washingtontimes.com/apps/pbcs.dll/article?AID=/20080515/FOREIGN/586297128/1003
Well, I’m skeptical, but pleased- and I’m also obliged to wipe the egg off my face and have a helping of crow, because I never expected the USAF to do this. Operational botnets generally have the advantage of being spread all over the world, making them hard to stop by blocking off IP ranges. I wonder how the AF plans to emulate this attribute? It’s amusing to imagine a cheap apartment in Goa or Minsk with nothing inside but a dozen cast-off desktops being remote-admin’d by the “Cyber Command.”
“The U.S. Air Force announced it plans to construct a large botnet.”
If your lead sentence is completely wrong, you deserve a serious spanking.
The paper in question is a proposal by an Air Force colonel. It is not a “plan”, and the U.S. Air Force did not approve it.
Kevin Coleman owes the DT readership an apology. Complete misunderstanding of the subject in question is usually handled by AP/Reuters. DT should get out of that business, since they cannot compete.
Tim & Kevin you are both right.
Kevin the point you make is valid. PCs in the US being used in a botnet would slow the Internet for everyone unless the Air Force have their own HUGE pipe through special routing to take the DDoS they launch off our backbone. Tim you are right, Kevin’s point I addressed above and his comment about DDoS architectures require assets outside the US to launch DDoS cyber attacks. It is this type of contructive dialog I love on here. IT expands the understanding of the issues.
The numbers seem a little wonky – 100M total bots, and the *second*-largest botnet has 85M bots? Either the numbers are off, or machines get infected into multiple botnets. I could believe the latter, but it would be interesting to see confirmation.
Hey there Tim, before you spank Kevin you had better check this link out!
The Headline is Air Force Looks to Use Military, Civilian PCs For Offensive Botnet
http://www.dailytech.com/Air+Force+Looks+to+Use+Military+Civilian+PCs+For+Offensive+Botnet/article11760.htm
Lets all work together and beat the bits out of them
you sure got it on this one