Comments on: Integrated Cyber Operations

By: shawn1999

shawn1999 — Mon, 01 Feb 2010 21:15:40 +0000

Its all real simple folks– “cyber warfare” is not warfare in and of itself. It is merely one aspect of total warfare. It is easier to think of this and liken it to attacking and defending supply routes. Any system can be targeted, but who cares if its carrying letters from home instead of rations and ammunition? And even if it is, it would be far better to turn that data to suit your means — similar to the what the Allies did with the Nazi encryptions– let the data flow without the enemy knowing you are watching what is going where– much more valuable than resource denial. And of course, one would have to devote resource to preventing the same from being used against us– especially since most of our current/active enemies are less technologically enabled than we are– they would have far more to gain from cyber snooping than we.

By: Oble

Oble — Wed, 27 Jan 2010 05:45:58 +0000

Cyberwar is the US government getting into the cyber crime business.

So while the US software and hardware industry tries to sell companies products that they claim are safe and secure, the US government will be doing it’s best to destroy the market by mandating trapdoors and building phishing schemes into American products.

The Google case is quite instructive where things are headed, for millions of Chinese businesses Google has transformed itself overnight from a trusted vendor into untrustworthy agent of a hostile foreign power. A market cannot exist if it is turned into a battlefield and Google is basically doomed now in the worlds largest internet market.

By: Anon

Anon — Wed, 27 Jan 2010 03:51:17 +0000

Please do not underestimate the threat of Cyber warefare, it is real and I see it every day.

By: TMB

TMB — Wed, 27 Jan 2010 03:12:38 +0000

Do you have any idea how many computers the US Army uses? Or how many command and control systems have USB ports? You don’t need to kill anyone to stop an army. Launch a DDoS attack on the websites we use to order spare parts with compromised passwords, email a virus and wait for some dumb soldier copy it from his yahoo account onto his SIPR computer, or from his home computer to the computer attached to the entire post’s network. Figure out how to phish the identities of a divison’s worth of troops before they’re supposed to deploy. For those of you poking fun, use some imagination and consider the possibilities.

By: Ptsfp

Ptsfp — Wed, 27 Jan 2010 02:04:02 +0000

Yeah Matt, usually when white hat hackers find a vulnerability, they notify Microsoft, or whoever, and will wait until a patch is released before they release the exploit code.

Like you said, I am pretty sure Chinese, or Russian hackers wouldn’t be quite as nice…

By: Ptsfp

Ptsfp — Wed, 27 Jan 2010 00:32:44 +0000

Spec Boat, several US experts have stated publicly that if we are ever in a war with China, our power will go out. They have actively and noisily, targeted our electrical infrastructure. Where China does not seem to care if they are detected, Russia is a lot more covert in their penetration attempts.

Many critical government facilities have installed backup generators to complement battery backup. But we as a nation are so reliant on power that this would be a huge problem if the lights go out.

Kevin has access to other sources that are not public, so he would have a better view of the full picture on this.

Ptsfp

By: Spec Boat

Spec Boat — Tue, 26 Jan 2010 21:18:37 +0000

Oh boy! Let me remind you of the threat analysis during the run-up op's to the 1st Gulf War. The leadership in charge of the 'Red' team was able to luanch it's (Simulated) assult by using runners, and landlines. The opening barage was so devestating to the 7th fleet that the organizers decided to 'Just start over'. The lesson then was, "Don't rely on high tech to completely win the day!" Flash fwd: to 2010...next Gen UAV's, remote shake-n-bake sensors...didn't we learn the first lesson? Now we have Al Quacky hacking into UAV feed's!! Not good! The bottom line is we don't know what a total all out assult on our infrustructure (the presumed first strike) would do to us, but the real question is (and the one nobody here is asking) do our enemies?

By: Matt

Matt — Tue, 26 Jan 2010 19:49:12 +0000

It's probably not "easy" to stop a hi-tech army with viruses, but DDoS attacks and/or targeted attacks against undocumented vulnerabilities are a threat that needs to be accounted for. Just about all of SIPR and NIPR are made of COTS stuff, a hodgepodge of AD/Exchange, Solaris/Linux, Oracle databases, etc. etc. IIRC the services are having to survey NIPRnet because they don't even know what's hooked up to it. There are also other uncountable other networks at various levels of sensitivity, run by individual commands, that are also mostly COTS. Don't get me wrong, on average all of these networks are far more secure than your typical commercial network. The government is pretty good at documenting and enforcing good security policies. But: it's all still commercial IT equipment, and there are surely security vulnerabilities that are yet unknown by the white hat community. If the Chinese (for example) have an exploit that no one else knows about, they could wreak a certain amount of havoc with government systems, and it would happen so quickly that there wouldn't be time to get Microsoft (or whoever) to develop a fix and then roll the fix out to all the zillions of machines that have the vulnerability. As for "cyberterror" specifically, I'd worry less about federal government systems and worry a lot more about what state/local government and utilities are running. Lots of them are on par with the feds, but I've also seen some critical systems basically hooked up directly to the internet and left unpatched. Ergh.

By: Ptsfp

Ptsfp — Tue, 26 Jan 2010 17:46:44 +0000

Or the three stooges attack to the eyes, that is always very effective!

By: Ptsfp

Ptsfp — Tue, 26 Jan 2010 17:44:54 +0000

You probably hit a firewall that is blocking the traceroute ICMP packets. I think I remember seeing a utility that uses modified ports/packets to bypass the ICMP block.