Monday, November 15, 2010

If I were a jihadist

Thanks again to Paco Hope (author of Web Security Testing Cookbook) for drilling down on the most serious dilemma of the cyber privateer. As he says, "Once the low-hanging fruit is picked and the clear-cut cases are dealt with, you'll have greedy privateers who want to continue the looting and they're going to have to get into grey areas."

Paco continues: "I'm quite happy to accept the idea that the Chinese government monitors and even sponsors cybercrime. However, just because the cybercrime originates from the servers of doesn't mean that the people at that company have any knowledge or complicity in it. The illicit government entities are perfectly likely to attack innocent Chinese businesses and then launch attacks from those businesses' servers. So if some privateer attacks the company that owns the server, he's got the wrong entity."

Good point, Paco. In fact, let's up the scenario and anticipate you are a really clever jihadist. You're sitting in your cave, only pretending to study the Quran. But you're really trying to figure out how to bring down the GSA (Great Satan America) and it's zionist allies. The Stuxnet virus has set back your own nuclear program, not to mention the fact you'd prefer NOT to see a retaliatory nuking of Mecca even if you did build and use a nuke. A far better approach would be to take over the Chinese cyber war capability and make the GSA think they are being attacked by China. Or Russia. Or both. So you pull the pin, say on November 11, 2011 (a date which you hope will live in infamy as 11/11/11, and maybe you time it for 11:11AM in New York City).

On November 11th, here's what you'd like the GSA to think the Chinese did to us:
  1. Since Stuxnet whacked the speed at which the centrifuges ran in Iran (see today's Computerworld story), you use the Chinese data bombs already installed in US utilities to spin up all the power generators until they self destruct. You'll blow the USA back into the stone ages, since big generators are built to order on a specific schedule (see Richard Clarke's Cyber War, p. 100) and aren't in stock anywhere; it'll take the GSA years to get back online.
  2. Cause pressure blow outs nationwide in natural gas pipelines, incinerating whole cities.
  3. Use the data bombs installed in the Air Traffic Control system to cause horrific midi-air collisions. Railroad head-on collisions. Open express lanes both ways for automobiles.
  4. Take down the international banking system. Be careful here, though, because this is not something China or Russia would likely do. Globalization has made their economies co-dependent with the GSA. Better to just drain some big bank accounts and leave a trail of deposits to frame organizations you've come to fear and loathe.
  5. Take down the Internet. Come on, you can blame this one on Christian Fanatics who believe that the beast referred to in the Bible (Revelation 13:17) is really the Internet (the "number of the beast" is 666, which in Hebrew is "www" which…well, you get it). Whack every DNS (Domain Name Server) system in the world with a pro-Christian/anti-Israel "goodbye world" shut-down message. 
The above is just the beginning. A good list would have hundreds of exploits. Of course, you'd have to resist taking credit for the havoc. Leave it up to Russia and China to exchange their own real nukes with the GSA.

Good call, Paco. You write in your email: "The way I see it, we have a few problems: (1) identifying the (real) perpetrator; (2) determining guilt; (3) applying a fair law; (4) meting out punishment to the guilty." As you point out, privateering does a good job with number 4, but needs some serious thought in the first three areas. You further ask, "How do we prevent double (and triple, quadruple, and bazillion-uple) jeopardy?…Once someone's marked to be hit, the others have to stay off?"

I agree these issues must be thoughtfully addressed.

Unless, of course, I am a jihadist.

1 comment:

  1. Ever since Dr. Strangelove, we've depended on MAD and anthropomorphized our opponents as fellow travelers on the MAD bandwagon. This worldview is no longer valid. Now the world is more complex, and much faster, and we now have to embrace the General Mattis Doctrine, the GMD, and for every interaction, with friend or foe, have a plan for their Instantaneous Explicit Death, or IED. With my Glock, my SafeZone is 3m. With my Barrett, my safe zone is 5km. :)


Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?