To get notices of new blogs via email, click here:

Thursday, March 24, 2011

Cyber war proof-of-concept adventures

A combination of cyber weapons-test headlines gives the briefest of hints as to what a full-blown cyber war might look like. Multiply these by 1000 and you get a glimpse of the job facing the U. S. Cyber Command:

  1. Data bombs in key infrastructure systems could not only cause massive disruptions but could actually cause infrastructure meltdown. See Richard Clarke's Cyber War, yesterday's headlines, or the Economist ad I rolled out in my second-ever post to this blog.
  2. Re-routing of Internet traffic through China is described as "accidental" in today's headlines is IMHO a dry-run for targeted exploits on a  government scale.
  3. Lots of ways to skin a cat, including SSL certificate theft by Iran. Compromise everyone's certificate at once and you have a fur ball not easily unravelled.
  4. Remotely infect all our swell new high-tech/Internet-connected cars with an MP3 virus and bring traffic to a screeching halt in major metro areas, possibly tying up police and fire resources as a precursor to attacks—cyber and non-cyber terrorist attacks—in other areas.
  5. See my if-I-were-a-jihadist posts Part 1 and Part 2 for a few other example scenarios.
The above is illustrative and not at all comprehensive. But it underscores my assertion that no amount of tax dollars could create a U. S. Cyber Command capable enough to stem the tide in a full-blown cyber war. The extent to which individuals and governments probe anything that even touches the Internet is illustrated in my post listing the IP addresses of Chinese attack servers whacking away at my own "honey pot" Linux server.

Just like we distribute MIPS in highly computational tasks like the search for extra-terrestrial intelligence (SETI), why not distribute cyber protection by monetizing it through a well-defined army of cyber privateers? I've posted both the legal justification and a surprisingly robust-if-I-do-say-so-myself Cyber Privateer Code.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?