RED Alert
Recognition of a emerging Internet threat.
We have posted on the potential threat of Global WWW shut down, and have documentation of THREE attempts,
( The most significant attack in recent years came on Feb. 6, when six of 13 root-zone servers were slammed by an army of "zombie computers," which were compromised by hackers, the Cardozo Law School professor said at the think tank event....
October 22 2002 Nine of the internet's 13 "root DNS" servers are disabled in a massive attack by a bot herder advertising his services....
2006 Peer-to-peer communication protocols pass command of the botnet between compromised PCs to evade bot hunters. Automated retaliatory attacks start on anything trying to find or interfere with a botnet. IT WAS AN ACCIDENT, NO ORDER WAS GIVEN TO TAKE NODES DOWN. )
and the Estonia cyber attack, one of the worlds best protected systems.
(On May 9, the peak day of the attack, Estonian networks
were hit every second with an average of four million packets
of data, a huge amount. Directed from Russia.
Targets rose to the hundreds, then thousands; ranging from government
sites and banks to newspapers and universities.)
We have posted on the Chinese 750,000 bot net in USA, and the probability of more: billions of sleeping bots.
( The unknown attackers managed to access a non-classified computer maintained by the Oak Ridge National Laboratory, China is suspect. AND "Two senior PLA Air Force colonels ( China )wrote "Unrestricted Warfare", presented here in summary translation, to explore how technology innovation is setting off a revolution in military tactics, strategy and organization. "Unrestricted Warfare" discusses new types of warfare which may be conducted by civilians as well as by soldiers including computer hacker attacks, trade wars and finance wars.")
We are all aware of the criminal RBN ( Russian Business Network ) and their ability for stealth.
( They have gone underground. I suspect the "new KGB" involvement, check the last 2 paragraphs here. )
And we are all aware of the very active criminal element on the web.
( Again this problem stems from the World Governments inability to deal effectively with Global Internet Crime, the current paradigm is to almost ignore it and prosecute cases of convenience. We tried helping surfers, tracking the perps, local cops won't do anything, or don't have jurisdiction, and when we did a big case and got them busted in Spain, they were out on bail next day, scamming again, we could watch them on Internet Cafe sec. cams. They were convicted, months in jail or Probation, and NO restitution for the victims. They were allowed to keep the money....
Now this criminal element has become Global and can threaten the Internet, and there is no Paradigm for dealing with them....
Awhile back we ran into 400 American Express CC for sale, with some free cards and info , we quickly notified owners or the FREE cards and American Express, their security offices in Chicago and NY, neither were interested in the other 400 cc. Do they make a profit from stolen cards?)
And the Terrorists desire to harm Western Civilization.
They are inexperienced and lack training but that is temporary.
We took down, al-jihan and burned the head hacker. ( out of Syria )
And burned the newest Islamic hacker. ( out of Saudi Arabia )
And the term of the Millenium, is "asymmetric warfare".
The USA is still playing catch up on asymmetric warfare, on many fronts as the target.
Dancho Danchev's Blog has some GREAT research on the developing paradigm for
asymmetric warfare on the WWW.
"Combating Unrestricted Warfare"
and
"Phishers, Spammers, and Malware Authors Clearly Consolidating"
and
China's Irregular Civilian Hacking forces
Our previous posts and these posts suggest a new WWW attack paradigm.
An financial alignment with or alliance with the criminal element and state sponsors or Terrorists.
It would seem it is just a matter of time.
The WWW is vulnerable.
There are motivated actors, stealthed and capable.
And we have limited time to prepare.
China maintains their hackers with a state stipend, and allows them independence, which provides plausible denieablity and some command and control. And they are not adverse to working with criminals.
Russia: will or has linked up with the RBN.
USA largely ignores its Civilian Irregular Troops, doesn't work with them and refuses any criminal connections to talent that is unavailable elsewhere. The creators of the Internet playing catch up. And one of the USA's biggest threats lives in a CAVE.
THE LACK OF OUT OF THE BOX THINKING, AND REFUSAL TO USE RESOURCES IS GOING TO COST USA AT SOME POINT.
"The first rule of unrestricted warfare is that there are no rules; no measure is forbidden. It involves multidimensional, asymmetric attacks on almost every aspect of the adversary's social, economic, and political life. Unrestricted warfare employs surprise and deception and uses both civilian technology and military weapons to break the opponent's will." Quote from Dan's site. Unrestricted Warfare Symposium Proceedings Book.
"Technology alone is never going to solve the IA problem. We have no informed national defensive strategy in this area. quote from above"
We have proposed a 3 part paradigm to help,
#1) an "Info WAR". and...
Expose al QAeda lies and their Bastardizing Islam in every village, world wide.
( no volunteers = no al Qaeda. ) And a push for World wide PC security.
#2) An info war and locking out all those with out PC security. Tested at the ISP level.
Lack of security could shut down the WWW, if an attack comes from a nation we can expect the administrators of the WWW to close that country off. PC Security is like car insurance, only more important. You HAVE TO HAVE IT. ( Security = no zombies ) OR at least turn off those without proper security in case of a internal bot attack.
And:
#3) A possible solution is a WWW police force with Internet Courts and powers of warrant and police powers to go after targeted computers and ISPs and players, world wide. Funded by fines, seizures etc.. This will require a treaty. They can go after the Bot masters using REWARDS and do it 24/7.
Gerald
Without funding we, IA will have to severely curtail activities in 2008.
.
UP DATE: 02.04.08
Is the Russian Business Network protected by the Federal'naya Sluzhba Bezopasnosti (FSB)?.
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home