Interesting People mailing list archives
more on Air Force Guards Cyberspace
From: David Farber <dave () farber net>
Date: Wed, 14 Dec 2005 19:27:52 -0500
Begin forwarded message: From: Bob Rosenberg <bob () bobrosenberg phoenix az us> Date: December 13, 2005 7:30:43 PM EST To: dave () farber net Cc: spaf () cerias purdue edu Subject: Re: [IP] Air Force Guards Cyberspace DaveHow is this different, or is it, in some substantive way, different, from the
existing FBI InfraGard (http://www.infragard.net/) program. Will some IPer please explain that? Cordially, Bob Rosenberg P.O. Box 33023 Phoenix, AZ 85067-3023 LandLine: (602)274-3012 Mobile: (602)206-2856 bob () bobrosenberg phoenix az us **********************************************The responsibility of ministers for the public safety is absolute, and requires no mandate. It is in fact the prime object for which governments come into
existence. -- Winston Churchill ********************************************** -----Original Message----- From: "Gene Spafford" <spaf () cerias purdue edu> To: dave () farber net Cc: ip () v2 listbox com Sent: 12/11/05 11:08 Subject: Re: [IP] Air Force Guards Cyberspace [Although this topic is US-centric, it can be translated to other countries' concerns.] There is no indication in the press release that the US Air Force is asserting any domestic mission that would violate the posse comitatus law. It is known, from public statements, that several other countries are training their military to wage war on IT resources in "cyberspace." There have been public press reports about use of "cyberwar" techniques in Bosnia/Kosovo and Iraq, as well as continuing low-level probes and attacks where other conflicts have been going on, including the middle east and India-Pakistan. We also have seen several news accounts of on-going probing and attacks of US systems from hosts in other countries, some of which could be state-sponsored. It would be irresponsible of the leadership in this country, military and civilian, to not have groups tasked to respond to military threats. We have had such groups for some time, although they are not widely known, and they have not necessarily been properly funded or trained. The new Air Force mission statement is the first explicit statement by an entire service branch that they recognize, and will train for, a broader field of engagement. That is almost certainly a good thing for national security. From my experience, the Air Force has usually been ahead of the other services in recognizing and embracing new computing technology appropriately, especially when it comes to IT security (although they still have a long ways to go). So, with all that said, suppose that there were escalating tensions with some foreign country. At some point in that escalation, with no shots yet being fired, the US phone network goes down, or the power grid goes out over 2/3 of the country (or pick a similar scenario -- and don't tell me the systems are too independent for this to happen....our defenses are weak, and extended probing and preparation may be going on as you read this). What is our national leadership going to do? Call out the FBI? The source is not domestic, and the foreign country isn't going to honor a criminal extradition warrant for their military commanders! Are we going to retaliate by dropping bombs and escalating to a shooting war? Or should we simply fold our cards and concede rather than suffer another mass cyber outage? Realistically, we need a national, military presence both to defend against national-level cyber attacks, and with training and weapons to engage in conducting such attacks against foreign adversaries. The Air Force is a logical participant in such a force, especially when you consider the role played by satellites and networked ATC/air defense in national-level theaters, and with their existing expertise in IT. A few big questions that come out of thinking about this whole sphere are: 1) If widespread probing of our infrastructure is occurring from off- shore and traced to national entities, who should respond? Is it an act of war or simply of significant espionage? Is civilian law enforcement up to dealing with either? Should they be? 2) If the same probing, and perhaps even attacks, are being conducted from off-shore by organized crime or terrorist organizations, who should respond? For instance, should the FBI be in charge of dealing with Al Qaida, not only within our borders but also in Aghanistan, Pakistan, etc? If some of the narcotics cartels use cyberattacks to disable and contaminate law enforcement databases from off-shore bases, is it up to the DEA to deal with it? 3) If probing and attacks of critical systems (civilian, military, government) are occurring from off-shore but we don't know who is making them, then who is in charge of defense, investigation and response? Is it only civilian law enforcement? Is it military? 4) With the political and military leadership continuing to underfund and undervalue long-term research in cybersecurity, will we actually be able to defend our infrastructure in the coming years, even if all agencies and entities are involved (cf. <http://www.nitrd.gov/pitac/ reports/20050301_cybersecurity/cybersecurity.pdf>, the aptly titled "The Cybersecurity Crisis")? The posse comitatus law has served us well as a nation, and will continue to do so. However, it was written long before we had the Internet. Knee-jerk reactions against the military fail to take into account the complexities of the world we live in. We should be glad that the Air Force isn't focused on training for the last major conflict, but is thinking of the future. Too bad our civilian leadership isn't equally as foresighted. ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Air Force Guards Cyberspace David Farber (Dec 14)