Re: military strike possible?

["Meritt James" <meritt_james () bah com>]

Perhaps the same way that we have demonstrated excellence in the MidEast
with pur marvelous job of tracking down Bin Ladin or Saddam?  You really
think it matters?  And of course, Cities in Iraq and cities in
Afghanistan had no (ordinary) citizens in them.  "Crossing the line" for
cyber attack was what I was asking about.

SMiller () unimin com wrote:
> Jim,
>
> First, how do we track the culprits down and demonstrate, if not to a legal
> nicety, at least to a logical certainty, that there is no mistake in
> identification?  Second, unlike most military and paramilitary personnel,
> hackers and crackers are usually located in neighborhoods with (other)
> ordinary civilians.  How do we prevent what the Pentagon cavalierly refers
> to as "collateral damage"?  Do we employ the same surgical precision
> demonstrated by the IDF in Gaza?  Assuming that we can fulfill those
> requirements (I'm skeptical) I still have a problem as there is not only no
> statutory law, but no real custom that informs us about when a cyber act
> crosses the line from civilian crime to military attack.  <sarcasm>Even if
> all else was favorable, I suggest that we might first wish to execute the
> culpable fool who routed such vital traffic over the public wire, and/or
> the bandwidth salesman who assured him that his virtual circuit was
> actually physically dedicated and immune to public backbone server
> outages</...>  To keep this from becoming a political debate, I won't even
> go near an analysis of the actual performance of the authorities who would
> be charged with determining that an attack had occurred and formulating the
> response.  I believe that a near-consensus was recently reached in this
> forum that the concept of propagating "beneficial" viruses to immunize the
> computers of the "computer illiterate" was badly flawed; IMNSHO this idea
> is from the same category, but is far worse...
>
> Scott Miller
>
>
>                       "Meritt James"
>                       <meritt_james@bah        To:       "'security-basics () securityfocus com'"
>                       .com>                     <security-basics () securityfocus com>
>                                                cc:
>                       10/28/2003 12:11         Fax to:
>                       PM                       Subject:  military strike possible?
>
>
>
> Going from the premptive strike philosophy demonstrated in Mideastern
> countries, what are your thoughts on a military strike against (as yet
> unseen) "cyberterrorists" a'la
> http://www.msnbc.com/news/985295.asp?0si=- if there were extranational
> agents tampering with identified components of the infrastructure to
> the extent that they were risking human life?
>
> --
> James W. Meritt CISSP, CISA
> Booz | Allen | Hamilton
> phone: (410) 684-6566
>
> ---------------------------------------------------------------------------
> Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
> The Presidio integrates PGP data encryption and XML Web Services security
> to
> simplify the management and deployment of PGP and reduce overall PGP costs
> by up to 80%.
> FREE WHITEPAPER & 30 Day Trial -
> http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
> ----------------------------------------------------------------------------

-- 
James W. Meritt CISSP, CISA
Booz | Allen | Hamilton
phone: (410) 684-6566

---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to 
simplify the management and deployment of PGP and reduce overall PGP costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 
----------------------------------------------------------------------------