Re: Nato warns of strike against cyber attackers

[Hank Nussbacher <hank () efes iucc ac il>]

At 15:07 08/06/2010 -0400, J. Oquendo wrote:

> > At http://www.timesonline.co.uk/tol/news/world/article7144856.ece
> >
> > A report by Albright¹s group said that a cyber attack on the critical
> > infrastructure of a Nato country could equate to an armed attack, 
> justifying
> > retaliation.
> >
> > Eneken Tikk, a lawyer at Nato¹s cyber defence centre in Estonia, said it
> > would be enough to invoke the mutual defence clause ³if, for example, a
> > cyber attack on a country¹s power networks or critical infrastructure
> > resulted in casualties and destruction comparable to a military attack².
> >
>
> Obviously NATO is not concerned with proving the culprit of an attack an
> albeit close to impossibility. Considering that many attackers
> compromise so many machines, what's to stop someone from instigating. I
> can see it coming now:
>
> hping -S 62.128.58.180 -a 62.220.119.62 -p ++21 -w 6000
> hping -S 62.220.119.62 -a 62.128.58.180 -p ++21 -w 6000

Lets try to seperate the attacks into those that we (NANOG) have dealt with 
and those that NATO are referring to - and there is *no* overlap between 
the two.

Attacks such as botnets, hpings, compromised machines, DDOS attacks, site 
defacements, prefix hijacks is what this list deals with, sometimes well 
and other times not.

The attacks NATO is referring to are ones like causing trains to crash into 
each other, attacks causing oil and gas pipelines to overload and explode, 
attacks altering blood bank data, attacks poisoning the water supply, etc. 
- all of which can be done remotely.

NATO is in no way (unless they have been out in the sun too long) condoning 
an attack for a DDOS attack.  I think NATO is discussing attacking if 5,000 
people die from some cyber attack as listed above (I have many more scenerios).

-Hank