Center for a New American Security

I was listening to NPR last night when they started discussing whether North Korea was responsible for these recent cyberattacks.  One commentator they interviewed described the DPRK as being probably in the bottom 5-10% of countries in terms of hacking skills, so if we're having trouble with them we're pretty screwed when it comes to dealing with more sophisticated cyber foes.

I'm imagining Kim Jong Il sitting around with his generals explaining, "The Internet is not a big truck!  It's a series of tubes!"

In the Washington Post:

"This whole notion of being global means we have to work collaboratively with other countries," said Suzanne Spaulding, a former CIA assistant general counsel. "They'll be suspicious and uncomfortable if they're dealing with NSA and perhaps more so with DOD. If DOD goes to them and says, 'Let's collaborate on defensive tools. Tell us what you've developed,' they'll be justifiably concerned that what DOD is really doing is perfecting its offensive capability.' "

 

I bid farewell to Lady Muqawama this evening, who returns to the West Coast to go be smart and stuff. (Those of you who know L.M. know how ridiculously out-of-my-league I am.) Tonight I am catching up on my reading and writing. These two articles from the weekend caught my eye. The first is the article on Chinese hacking that I am sure you have already read. Rafal Rohozinski is a friend of mine, and I participated in a workshop with Ron Deibert, who is pretty much the world's leading expert in "getting around firewalls."

The second article is by another friend, Yochi Dreazen (C '99), who describes this piece as near and dear to his heart. All the same, this was a tough article to read.

Maj. Gen. Mark Graham is on the frontlines of the Army's struggle to stop its soldiers from killing themselves. Through a series of novel experiments, the 32-year military veteran has turned his sprawling base here into a suicide-prevention laboratory.

One reason: Fort Carson has seen nine suicides in the past 15 months. Another: Six years ago, a 21-year-old ROTC cadet at the University of Kentucky killed himself in the apartment he shared with his brother and sister. He was Kevin Graham, Gen. Graham's youngest son.

After Kevin's suicide in 2003, Gen. Graham says he showed few outward signs of mourning and refused all invitations to speak about the death. It was a familiar response within a military still uncomfortable discussing suicide and its repercussions. It wasn't until another tragedy struck the family that Gen. Graham decided to tackle the issue head on.

"I will blame myself for the rest of my life for not doing more to help my son," Gen. Graham says quietly, sitting in his living room at Fort Carson, an array of family photographs on a table in front of him. "It never goes away."

The most significant thing about this story -- and this technology -- is the way in which ordinary Israelis can now carry out DOS attacks on a declared enemy of the state. If cyber-warfare is really warfare and one of the requirements of statehood is a monopoly on "violence", what are the implications of this? The idea that the government of Israel would take action against an Israeli attacking a site maintained by Hizballah is laughable, but in general, should a state be allowing its citizens to do such things?

Last week, while trying out breaking-in tools developed by Chinese hackers, an Israeli Network security company, Applicure, brought down the Hezbollah Web site (hizbollah.tv), using no more than 10 bots, which are computers controlled by hackers.

Reports of hackers taking out Web sites by bombarding them with massive amounts of information commonly appear in the news media. But often it's hard to estimate both the magnitude of the phenomenon and the ease with which even laymen can use existing web tools.

Those attacks geared at bringing down Web sites are know as either denial of service attacks (DOS) or distributed denial of service attacks (DDOS), and make use of Botnet networks - large networks of unsuspecting computer users hijacked by hackers with viruses and Trojan horses. According to Chinese CERT (Computer Emergency Response Team), the threat on China's internal network has multiplied by 20 in 2007.

One of the most surprising things about the software used in order to take down the Lebanese militant organization's site is its interface, which is light years away from the common image of hackers dealing with complex code. The interface is very accessible and is clearly meant for everyday users, as opposed to veteran programmers.

The software enables a choice of attack possibilities, attack speed, and the number of computers the attackers wish to use in order to bring down the Web site's servers.

Applicure's South Korean partners say the price of using the software of the kind that brought down the Hezbollah site starts at about $260 a year, when using a small number of bots. Having 1,000 bots at your disposal can bring the price up to $100 a month.

We may all wish NATO would put a few more boots on the ground in Afghanistan, but at least they're taking another problem -- cyber warfare -- seriously enough.

Nato is treating the threat of cyber warfare as seriously as the risk of a missile strike, according to a senior official.

A London conference was told that online espionage and internet-based terrorism now represent some of the gravest threats to global security.

Suleyman Anil, who is in charge of protecting Nato against computer attacks, said: "Cyber defence is now mentioned at the highest level along with missile defence and energy security.

"We have seen more of these attacks and we don't think this problem will disappear soon. Unless globally supported measures are taken, it can become a global problem."

Anil, who is head of Nato's computer incident response centre, told the E-Crime congress in London that the cost of hi-tech strikes on government communications was falling, while the amount of damage they could inflict grew.

Among the chief threats is cyber terrorism, in which attempts are made to shut down online communication networks or use the internet to attack official institutions. Although some have warned of the possible threat since the 1980s, it is only in recent years that the issue has made it onto the radar of governments around the world.