Computers and networks have blurred the boundaries when you look at cyber warfare, cyber crime, and cyber terrorism. There is no doubt that future conflicts will involve cyber warfare between nations. Distinguishing between military and criminal and civilian attacks is tough and could create a dangerous problem in determining who is behind a cyber attack. It’s very difficult to trace cyber attacks back the responsible parties. It is rarely the case that the computer forensic analysis conducted as a result of a cyber attack yields enough hard evidence that would meet the “beyond a reasonable doubt” standard we apply in non-civil court actions.
There are millions of pieces of malicious code available today along with a significant number of vulnerabilities that can be exploited by cyber soldiers, hackers and others who wish to compromise computers and networks. Websites now provide both novice and expert level computer attackers with the latest, up-to-date programs and support needed to plan, design, develop and initiate cyber attacks. In fact, these websites provide services to parties that are interested in hacker computer systems and networks.
When you use the Internet, you leave the equivalent of digital footprints and attacks leave digital fingerprints as well as digital DNA. Every message a computer sends to a different computer travels in a series of hops from one router or server to another leaving behind logs and addresses of the route. Even after the message is received, the record of its path of travel remains behind. There are also a number of ways that attackers use to obscure their location and identity. Intelligence around cyber weapons development and cyber attacks is very limited. In our vast sources of intelligence gathering capabilities only electronic intercepts and human intelligence have the ability to provide the primary sources for our intelligence helping to defend our nation against cyber attacks. The tools and technologies available to law enforcement and the Defense Department are not keeping pace with the rapid advances being made in cyber weapons used by attackers. The current state of the practice and available tools regarding the technical ability to track and trace cyber attacks remains very primitive. The advanced level of sophisticated cyber attacks make it close to impossible to trace to their true source and have the hard evidence that would pass the court of public opinion. In addition, the technical nature of the investigation would make it difficult to effectively communicate to those serving on a jury. Advanced tools for tracing complex attacks are among the research topics that are currently under development by multiple organizations and agencies, but we need them now.
We have seen the harbingers of cyber warfare and the image they present instills fear in our military and technical professionals. Dozens of nation states currently have highly sophisticated cyber attack capabilities and many others are in the process of developing cyber weapons of mass disruption. Advances are needed now to defend our systems against such attacks. Likewise, advances tools, techniques and trained staff are needed now to conduct the investigations into the rash of cyber attacks we are experiencing. Finally, international laws and doctrine must rapidly be developed and implemented as part of our overall cyber defense activities.
To the author Kevin Coleman:
You wrote: “Even after the message is received, the record of its path of travel remains behind.“
Do you really believe that professional hackers (criminals or cyber-soldiers) attack other computers
1) …from their own home addresses or institutions, respectively, or even from their own country?
2) …always (even twice?) from the same I.P. address, maybe an I.P. address that forced them to identify themselves? (Fake I.D.s are still another matter, but professional hackers have both the means to acquire and the motivation to use those)
You wrote: “Finally, international laws and doctrine must rapidly be developed and implemented…“
An interesting conclusion, although I was already expecting “something like that” at the end of your article. It was simply too predictable, too typical…
1) International law (meaning: Global laws, not regional pacts of any sort) only rules questions of sovereignty, war and commerce, and even that only on a voluntary basis. It doesn’t even impose the metric system as the International System of Units on all nations, for example! Any country can slam the door on any global organization it belongs to — nobody will come chasing it home for that. Global law doesn’t even rule the sea (effectively, not hypocritically), which covers 70 % of the planet, or force any country to extradite the worst criminals to another or to some sort of “World Court” — of which the U.S.A. flee anyway like the Devil of holy water.
2) Do tell me: Is “Echelon” failing already…??
So, U.S. American… how are you going to force every nation to monitor all its computer users and what they do?
And even after you’ve accomplished that somehow, are you sure that the cyber-criminals will suddenly knock at each Web-site’s front door again?
You haven’t seen anything yet, LOL!
All good point except for one thing. The artifacts left behind all include what is being called Digital DNA that give some indications as to who and where the code was developed. As for thetechniques for cloaking, most attacks todate use botnets. An overwhelming percentage of those are on computers that the owner does not have any idea they have been compromised and we can usually trace back to those. If you look at the attack on the DoD that allowed over 20 tera bytes of data to be taken, we can trace back where that data went.
Your best point is the last one. This is a race and the hackers and defenders change places quickly and continuously.
So as your last statemement appears that you are the enmy I would like to say this — you have no idea what the US Military, Intelligence and hacker comunity that comprose our cyber soldiers have in store for those who attack our systems.
To the author Kevin Coleman:
You wrote: “All good point except for one thing. The artifacts left behind all include what is being called Digital DNA that give some indications as to who and where the code was developed.“
Hacking itself (not malware in general) is either detected in flagranti or it leaves no artifacts behind.
You wrote: “…we can usually trace back to those.“
Yes. Crowded Internet caf
freefallingbomb you watch too much TV
But he must buy fiesta Gold enough for your wedding, otherwise I will not agree.
My friends in order to help me, send me much Requiem gold, I was very thank him.
Master, I am really very think of you, what a pity that we as if already parted forever. Now, I buy Habbo gold for your come back.
For in the game I can have a family, I was go all out to work make Lord Of The Rings Gold, so long as there were the methods which could make money I has tried.
But others actually need to practice the level laboriously from the first floor, make cheap Hellgate gold to buy the equipment laboriously, all the times upgrade to the high rank.
The husband, for you, I will want to adjust myself diligently and I will make cheap lastchaos gold.
That is first time that I used the ice arrow, I was so excited, and in a week I got 4000 mabinogi money.
Do you know that I am so heart-struck? But I still will buy imvu credits for your equipment.