Internet Anthropologist Think Tank: Cyber Command Sissys?

    Thursday, July 08, 2010

    Cyber Command Sissys?

    How To Stop Cyber attacks: Diplomacy. Well, Maybe.

    ( NOPE, G )

    If you attended today’s still-unfolding big cybersecurity confab in Washington, sponsored by the Armed Forces Communications & Electronics Association, you heard a parade of military officers and Obama administration officials say — well, not a whole lot.
    It’s hard to defend against a cyberattack… Everyone — civilian and military, public and private sector — needs to work together and pool resources and information… Incentivize cooperation… The supply chain is vulnerable… U.S. Cyber Command is developing integrated planning and operational frameworks…
    And then there was Bruce Held.
    Held is the Department of Energy’s intelligence chief and he said he spoke from the perspective of a longtime intel hand. His answer to the cybersecurity problem: diplomacy.
    “A static cyber defense can never win against an agile cyber offense,” he told a panel...
    Unleash the diplomats and prepare the economic sanctions packages, in other words, if you want to prevent your servers from getting fried. ( Yeah, that's working real well with Iran and its nuke program, G )
    Brigadier General John Davis, the director of current operations for Cyber Command, said forthrightly during the same panel discussion that his “number-one challenge” was developing “situational awareness” of the cyberthreats that the U.S. faces.

    USCYBERCOM plans, coordinates, integrates, synchronizes, and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure freedom of action in cyberspace for the U.S. and its allies, and deny the same to adversaries.

    The problems are not that difficult.
    First you need rules of engagement.
    If attacked, you attack back, take the threat off line.
    The technology exists to take bot farms off line
    en masse.
    The current politically correct paradigm
    excuses those with infected computers, zombie
    PCs, if they attack. That somehow it is OK
    for their PC to do an attack if it's infected
    with a bot, they are not at fault as someone
    else has taken over their PC with a bot.
    And somehow that makes them innocent
    and immune from consequences if
    their PC attacks someone?

    They are responsible for the security
    of their PC; if it attacks, then
    under the principle of self defense
    we can return the attack, take them
    off line for an hour, produce a pop-up
    on their system that says this PC attacked
    and has been taken off line for an hour, and
    bot and rootkit cleaners can be downloaded
    at XYZ web site.

    Taking out a bot farm may take down
    100,000 American PCs. Temporarily.
    But the owners would also clean
    them up. Taking out most
    of that bot farm.

    We have a legal right to self defense.
    It would be legal to take them off line.

    Microsoft's paradigm is cockeyed too.
    They block security updates if the
    OS isn't legit.

    That becomes problematic when that
    policy turns the illegal unpatched
    OS into weapons for bots.

    That policy makes the internet
    unsafe for the rest of us.

    Getting all those systems patched
    and bots and rootkits removed,
    cleaned up will cut way down
    on the number of bots wild on the

    And it means if a bot farm
    attacks they will lose their

    We have seen a couple of indications that the system
    to take down bot farms has been deployed.

    Second is real-time penetration during the attack.
    Google has demonstrated this concept during its hack.
    They didn't take it far enough; it includes penetrating
    the proxies during the attack to get the originating IP of the attack.
    Bots are different: just take them off line.
    Proof of concept.

    Interview with Cyber Warrior

    They have COWs ( Cyber Over Watch ) in place, and are adding more,
    an early warning system for cyber attacks.
    US Government to deploy COWS.

    The US Government can't harden civilian networks, but
    they can monitor attack activity on a huge spectrum,
    and engage their cyber forces to take the threat off line.
    Even swap IPs to put armed cyber forces between the
    attackers and the targets.

    But there are no rules of engagement so far.
    It takes an OK from Obama to take a server
    off line now.

    Cyber wars and attacks happen in seconds;
    if you are handicapped by having to make
    phone calls to get permission you will lose.

    The technology is there to KICK ASS,
    and USCYBERCOM has it, and the brains
    to win, give them the power to use it,
    and take the threats off line. Cyber Command
    just needs rules of engagement and the will
    to police the bad guys.
    Their capabilities are awesome.
    There are NO Cyber Command Sissys.
    They are one of the most powerful
    forces in the WORLD.
    Turn them loose.

    Tactical Internet Systems analyst


