Dailydave mailing list archives
Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki
From: Nate Lawson <nate () root org>
Date: Thu, 24 Mar 2011 19:23:32 -0700
On 3/23/2011 6:23 PM, Marsh Ray wrote:
* Industrial and military espionage: not cyberwar * For-profit crime or extortion rackets: not cyberwar * Coordinated DoS attack on government, political, or social media websites: not cyberwar
Great, glad those are off the table. I am not sure people using the term "cyberwar" agree with your list though.
Based on wild speculation and unscientific extrapolation from public information, I suspect that when it really is cyberwar you won't find yourself in doubt. In the first 24-48 hours we might expect: * Banking networks and ATMs will go out. * Phone and internet will be severely degraded or down. * The power will become unreliable or go down entirely. * Traffic lights may go out, water may go out. * Malware which spreads wirelessly between every car of some very common model induces brake or accelerator failure, causing a massive number of nearly-simultaneous accidents which shut down major traffic routes. * Gas stations and grocery stores will be functioning on mostly cash and have minimal resupply. * People don't go to work. Financial exchanges dill not open. * Various industrial systems may be permanently damaged but you may not know the extent of it at the time unless they emit visible flames or other hazardous material. Together, these things sound like a bad made-for-TV movie about Y2K. But most of us on this list know that they are all technically plausible individually.
So scary! And yet that is the same list that hackers were supposed to bring on us. Using only touchtones and modems... The only distinguishing thing is that you think a nation state will be behind it instead of hackers. So why not just call that "sabotage as part of an act of war"? I'm sure such sabotage would include non-cyber acts (suitcase bombs, assassinations, etc.) We don't have conferences discussing "explosive" vs. "projectile" warfare. These are all techniques and tools for waging war, not a unique type of war.
So perhaps a true cyberwar is when the order is given to "push all the buttons", or the point at which it becomes a near-certain eventuality. Interestingly, this point may be obeservable only in retrospect.
Attackers will use all the tools of the day. Computers and networks are tools, widely available today. What more is there to say about that? To use a specific example, I'll feel much safer when the power company removes "remote shutoff" support from my power meter. We should be intensely discussing how that got in there, how to remove it, and how to prevent it from happening again. It's a known vulnerability, and I have the flash dumps to prove it. Whether it's cyberwar-doers or "hackers", my power will still be off. The vulnerability is the problem, not who chooses to exploit it first. -- Nate _______________________________________________ Dailydave mailing list Dailydave () lists immunityinc com https://lists.immunityinc.com/mailman/listinfo/dailydave
Current thread:
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki, (continued)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Michal Zalewski (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Dominique Brezinski (Mar 25)
- Message not available
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Dominique Brezinski (Mar 27)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Michal Zalewski (Mar 27)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Jim O'Gorman (Mar 27)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki beenph (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Yiorgos Adamopoulos (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Nate Lawson (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Kevin Noble (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Marsh Ray (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Nate Lawson (Mar 25)
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Miles Fidelman (Mar 27)
- Message not available
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki Nate Lawson (Mar 27)
- Message not available
- Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki delchi delchi (Mar 25)