Dailydave mailing list archives

Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki


From: Nate Lawson <nate () root org>
Date: Thu, 24 Mar 2011 19:23:32 -0700

On 3/23/2011 6:23 PM, Marsh Ray wrote:
> * Industrial and military espionage: not cyberwar
> * For-profit crime or extortion rackets: not cyberwar
> * Coordinated DoS attack on government, political, or social media
> websites: not cyberwar

Great, glad those are off the table. I am not sure people using the term
"cyberwar" agree with your list though.

> Based on wild speculation and unscientific extrapolation from public
> information, I suspect that when it really is cyberwar you won't find
> yourself in doubt.
>
> In the first 24-48 hours we might expect:
>
> * Banking networks and ATMs will go out.
> * Phone and internet will be severely degraded or down.
> * The power will become unreliable or go down entirely.
> * Traffic lights may go out, water may go out.
> * Malware which spreads wirelessly between every car of some very common
> model induces brake or accelerator failure, causing a massive number of
> nearly-simultaneous accidents which shut down major traffic routes.
> * Gas stations and grocery stores will be functioning on mostly cash and
> have minimal resupply.
> * People don't go to work. Financial exchanges will not open.
> * Various industrial systems may be permanently damaged but you may not
> know the extent of it at the time unless they emit visible flames or
> other hazardous material.
>
> Together, these things sound like a bad made-for-TV movie about Y2K. But
> most of us on this list know that they are all technically plausible
> individually.

So scary! And yet that is the same list that hackers were supposed to
bring on us. Using only touchtones and modems...

The only distinguishing thing is that you think a nation state will be
behind it instead of hackers. So why not just call that "sabotage as
part of an act of war"? I'm sure such sabotage would include non-cyber
acts (suitcase bombs, assassinations, etc.)

We don't have conferences discussing "explosive" vs. "projectile"
warfare. These are all techniques and tools for waging war, not a unique
type of war.

> So perhaps a true cyberwar is when the order is given to "push all the
> buttons", or the point at which it becomes a near-certain eventuality.
> Interestingly, this point may be observable only in retrospect.

Attackers will use all the tools of the day. Computers and networks are
tools, widely available today. What more is there to say about that?

To use a specific example, I'll feel much safer when the power company
removes "remote shutoff" support from my power meter. We should be
intensely discussing how that got in there, how to remove it, and how to
prevent it from happening again. It's a known vulnerability, and I have
the flash dumps to prove it.

Whether it's cyberwar-doers or "hackers", my power will still be off.
The vulnerability is the problem, not who chooses to exploit it first.

-- 
Nate
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

