http://www.digitaljournal.com/article/253566

Cybergeddon: How to crash a civilization, but there's a problem

Posted Apr 21, 2008 by Paul Wallis
Since the all-out attack on Estonia last year, the threat of cyberwar has been reevaluated. Now it's considered a real possibility in terms of major attacks on whole nations. The NSA and other security organizations are looking at actual scenarios.
The end of the line?
The theory is that the Estonian attack was caused by a group of Russian nationalists, with or without Russian government involvement. It was a DIY denial of service attack.
It was called cyberterrorism at the time, but the possibilities are much greater. Nice as it is to know that any collection of fruitcakes can do something like that, the next level is actual warfare.
There’s no shortage of scenarios, either. The Sydney Morning Herald reports:
What would happen if well-organised hackers - criminal syndicates, agents of hostile nation-states or terrorists - disabled the computer networks that sustain the critical infrastructure of modern societies?
For Michael Chertoff, the head of the US Department of Homeland Security, the threat is real, and likely to get worse. And he's not shy of offering some alarming examples of how such a devastating attack could unfold.
"Imagine, if you will, a sophisticated attack on our financial systems that caused them to be paralysed," Chertoff told a security conference in San Francisco this month. "It would shake the foundation of trust on which our financial system works."
Or what if terrorists launched a successful cyber sortie that penetrated the air traffic control system and immobilised it or, even worse, enabled hackers to direct planes to slam into each other or into the ground?
All within reasonable capabilities of computer systems, if not really that easy to do. It doesn’t naturally follow that an attempt will succeed. The rise of so much computer crime has generated a lot of countermeasures.
One of the more likely results is partial success against more advanced nations, and a lot more success against nations at a lower technological level. Even that has some pretty horrible possibilities, though.
The concerns have generated a call for greater security measures, and laws to enforce them, which, inevitably, has led to concerns about privacy and civil liberties. Other familiar arguments include the fact that intelligence and surveillance need to be able to act in real time. That’s true enough, but the effectiveness of the intelligence and surveillance is also questionable, as well as its legality. There’s only one way to test the theories.
This is the logic:
The starting point for the concerns is the simple proposition that nations rely heavily on the internet and other computer networks for almost all of their activities - public and private, social, economic and military.
Given the interconnectedness of national and global economies and IT systems, so the argument goes, a successful and large-scale attempt to disable computer networks could cascade through industry sectors, across countries and around the world.
The concern, naturally, is the links between critical communications infrastructure and the internet. It’s the sheer number of possible inputs that’s the problem. There's also some fairly predictable groaning about the "open" internet.
Anyone would think that just because you make regulations, something is actually regulated.
A further problem is that most of the critical communications infrastructure is no longer under human supervision. Like a bad sci-fi movie, it's all automatic.
Jason Smith, a research fellow at the Information Security Institute at Queensland University of Technology, says in the past much of this infrastructure was either directly controlled by humans or relied upon stand-alone information technology systems that were, by and large, secure.
But advances in computer technology and the lure of cost savings have meant that human supervisors were discarded and the infrastructure managed remotely through SCADA (Supervisory Control and Data Acquisition) systems.
Moreover, these systems were linked with an infrastructure provider's other computer systems, and those of other businesses operating in the same industry, say a contractor or supplier. "That means it's a lot easier for malicious software to migrate into sensitive networks," Smith says. "It also means it's easier for sensitive information to migrate out of the network."
Those advances have also created the quite normal situation that much of the technology in use is way behind top-of-the-range hacker technology.
Maybe there is an analysis done of security issues before these infrastructural systems come on line, maybe not. If there is, it looks like nobody’s very optimistic about their ability to deal with an attack.
A few good accusations are doing the rounds, too:
China was fingered for a series of attacks last year that saw some of the most sensitive US government sites penetrated, including that of the Pentagon.
Official US figures reveal that the total number of security incidents reported by US departments and agencies rose from about 5100 in 2006 to almost 13,000 last year.
This is a bit disingenuous, because the US is hacker heaven, and the Chinese aren’t really likely to do too well out of a cyber exchange. Their international business would be at risk. Most of the cyber attacks on America, at least those which have been publicized, have been by Americans. You’d think that if there were an excuse to accuse another nation of something, it would be used.
There’s also this snippet from the SMH article:
…Either way, the US President, George Bush, formally raised the matter with his Chinese counterpart, Hu Jintao, at last year's APEC summit in Sydney. He also launched a highly classified information security program in January, a scientific effort that Chertoff compared, in its scale and urgency, to the Manhattan Project that created the atomic bomb.
The US is not alone. Germany has also protested to China while Britain has made back-channel complaints.
Certainly, Chinese military doctrine identifies information technology disruption as an important "asymmetric" tactic.
So does everybody else’s military doctrine. The US took out Iraq’s communications as a matter of course. The Pentagon is one of the most hacked sites on Earth, and has been for years.
Al Qaeda has made threats about intended cyber attacks on the US financial system, but nothing happened.
Seems superfluous, anyway. The US financial system has been doing a great job of attacking itself, without any help from anyone else.
All of which leaves us with a set of known possibilities, known impossibilities… and that wonderful lack of ideas which seems to be so popular when discussing internet security.
Despite the Chicken Little Guide to Cyber war, there are things which can be done:
Reroute identified denial of service data. You only need a bit of unique code.
Everyone knows what a slow server does. Artificially slow servers so the attacks don’t hit critical volumes, and sites can implement their security measures.
Rebound/forward to senders. Anything that disrupts the senders will help.
Use backup servers after having identified those under attack.
Read and discard things with the same source codes.
Use the older systems, which are more secure, as reserve servers.
The real problem seems to be assuming the problem can’t be solved.
For those who weren't around 30 years ago, actually crashing the net would return the world to the technology of roughly the early 80s, calculator level.
That technology can't handle any of the modern services, at all.
Even dialup wouldn't work, let alone cell phones.
You'd have to (wince)...watch... television... (howl)... Oh God, could it be....?
Talk about "crimes against humanity"... the production would have to be at 80s level, too...
Anyway, what's so wrong about a good old fashioned nuclear war?