Re: Nato warns of strike against cyber attackers

[Marshall Eubanks <tme () americafree tv>]

On Jun 8, 2010, at 5:08 PM, Peter Boone wrote:

> So let's say a cyber-attack originates from Chinese script kiddie.
>
> Albania, Belgium, Bulgaria, Canada, Croatia, Czech Republic, Denmark,
> Estonia, France, Germany, Greece, Hungary, Iceland, Italy, Latvia,
> Lithuania, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania,
> Slovakia, Slovenia, Spain, Turkey, the United Kingdom, and the  
> United States
> will all respond by invading China?

That leaves out the important aspect of selection. You can bet that,  
if they do this, they will pick
a more suitable target, say one without strategic rocket forces.

> Is NATO trying to start a war here?

Militaries tend to think in terms of military responses.

What any of this has to do with configuring routers escapes me.

Regards
Marshall



> There's no mention in the article about any kind of electronic  
> response to
> the attack.
>
> -----Original Message-----
> From: J. Oquendo [mailto:sil () infiltrated net]
> Sent: Tuesday, June 08, 2010 3:08 PM
> To: nanog () merit edu
> Subject: Nato warns of strike against cyber attackers
>
> > From the NetSec mailing list...
>
> > At http://www.timesonline.co.uk/tol/news/world/article7144856.ece
> >
> > June 6, 2010
> > Nato warns of strike against cyber attackers
> > Michael Smith and Peter Warren
> >
> > NATO is considering the use of military force against enemies who  
> > launch
> > cyber attacks on its member states.
> >
> > The move follows a series of Russian-linked hacking against Nato  
> > members
> and
> > warnings from intelligence services of the growing threat from China.
> >
> > A team of Nato experts led by Madeleine Albright, the former US  
> > secretary
> of
> > state, has warned that the next attack on a Nato country ³may well  
> > come
> down
> > a fibre-optic cable².
> >
> > A report by Albright¹s group said that a cyber attack on the critical
> > infrastructure of a Nato country could equate to an armed attack,
> justifying
> > retaliation.
> >
> > Article 5 is the cornerstone of the 1949 Nato charter, laying down  
> > that
> ³an
> > armed attack² against one or more Nato countries ³shall be  
> > considered an
> > attack against them all².
> >
> > It was the clause in the charter that was invoked following the  
> > September
> 11
> > attacks to justify the removal of the Taliban regime in Afghanistan.
> >
> > Nato is now considering how severe the attack would have to be to  
> > justify
> > retaliation, what military force could be used and what targets  
> > would be
> > attacked.
> >
> > The organisation¹s lawyers say that because the effect of a cyber  
> > attack
> can
> > be similar to an armed assault, there is no need to redraft existing
> > treaties.
> >
> > Eneken Tikk, a lawyer at Nato¹s cyber defence centre in Estonia,  
> > said it
> > would be enough to invoke the mutual defence clause ³if, for  
> > example, a
> > cyber attack on a country¹s power networks or critical infrastructure
> > resulted in casualties and destruction comparable to a military  
> > attack².
> >
> > Nato heads of government are expected to discuss the potential use of
> > military force in response to cyber attacks at a summit in Lisbon in
> > November that will debate the alliance¹s future. General Keith  
> > Alexander,
> > head of the newly created US cyber command, said last week there  
> > was a
> need
> > for ³clear rules of engagement that say what we can stop².
> >
> > The concerns follow warnings from intelligence services across  
> > Europe that
> > computer-launched attacks from Russia and China are a mounting  
> > threat.
> > Russian hackers have been blamed for an attack against Estonia in  
> > April
> and
> > May of 2007 which crippled government, media and banking  
> > communications
> and
> > internet sites.
> >
> > They also attacked Georgian computer systems during the August 2008
> invasion
> > of the country, bringing down air defence networks and  
> > telecommunications
> > systems belonging to the president, the government and banks.
> >
> > Alexander disclosed last week that a 2008 attack on the Pentagon¹s
> systems,
> > believed to have been mounted by the Chinese, successfully broke  
> > through
> > into classified areas.
> >
> > Britain¹s Joint Intelligence Committee cautioned last year that
> Chinese-made
> > parts in the BT phone network could be used to bring down systems  
> > running
> > the country¹s power and food supplies.
> >
> > Some experts have warned that it is often hard to establish  
> > government
> > involvement. Many Russian attacks, for example, have been blamed on  
> > the
> > Russian mafia. The Kremlin has consistently refused to sign an
> international
> > treaty banning internet crime.
>
> Obviously NATO is not concerned with proving the culprit of an  
> attack an
> albeit close to impossibility. Considering that many attackers
> compromise so many machines, what's to stop someone from  
> instigating. I
> can see it coming now:
>
> hping -S 62.128.58.180 -a 62.220.119.62 -p ++21 -w 6000
> hping -S 62.220.119.62 -a 62.128.58.180 -p ++21 -w 6000
>
> So NANOGer's, what will be the game plan when something like this
> happens, will you be joining NATO and pulling fiber. I wonder when all
> types of warm-fuzzy filtering will be drafted into networking: "Thou
> shall re-read RFC4953 lest you want Predator strikes on your NAP
> locations...
>
> --
>
> =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
> J. Oquendo
> SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
>
> "It takes 20 years to build a reputation and five minutes to
> ruin it. If you think about that, you'll do things
> differently." - Warren Buffett
>
> 227C 5D35 7DCB 0893 95AA  4771 1DCE 1FD1 5CCD 6B5E
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E