Web War II: What a future cyberwar will look like

Discussion in 'other security issues & news' started by Cudni, May 1, 2012.

Thread Status:
Not open for further replies.
  1. Cudni
    Cudni Global Moderator

  2. chronomatic
    chronomatic Registered Member

    I think the cyber-war threat is grossly exaggerated and I agree fully with Bruce Schneier on the topic. That's not to say that cyber crime is not a threat. It's not to say cyber espionage is not a threat. But these things are not "war" and are not usually done by nation-states.

    There are examples of cyber attacks that were attributed to nation-states that we later found out were basically done by kids (the Comodo hack is one good example. Comodo came out and said it was a "very sophisticated" attack by Iran. Well, Moxie Marlinspike, a security researcher, investigated the hack. He found the same IP address that hit Comodo also downloaded sslstrip from his own website. He investigated further and found this guy was running Windows XP and was watching YouTube videos on "how to hack." So, basically, Comodo got pwned hard by an amateur in his basement). Another good example was HBGary, a security firm. Turns out it was Anonymous. This is not to say that Anonymous doesn't have talented members, but let's face it, they are basically kids playing politics.

    And we don't even know for sure whether the Estonia DDOS was done by Russia. As Schneier says, a DDOS in a military invasion doesn't make much sense. As he says, "It would be like Russia invading the US and having all their soldiers go jump in line in front of you at the Post Office." Also, as Schneier says, in order to defend against attacks you need to know who is hitting you and why. And the two things you don't know in a cyber attack are who is hitting you and why. As you can see, this makes attributing an attack to a nation-state very precarious.

    EDIT:

    Read the article. It appears the emphasis is on SCADA systems. Yes, SCADA systems are insecure. Yes, they need work. My solution is to simply do away with them or put them on their own secure VPN that is *not* routed through the public internet. This would be much like NIPRnet or JWICS that the DoD uses.

    Why these systems are on the Internet in the first place is beyond me. Of course, just because they are on a VPN doesn't mean they can't be hacked, but it does mean some guy sitting in Iran can't hack a machine in the U.S. (he would need to physically travel here and then find a way onto the network). This would significantly decrease the attack surface and would be a good first step.

    Also, if hacking SCADA systems and bringing down the grid were so easy, it would have happened by now. The fact it hasn't happened means officials are, like always, greatly exaggerating the threat.
    Last edited: May 2, 2012
  3. Dermot7
    Dermot7 Registered Member

  4. tomazyk
    tomazyk Guest

    Thank you both for the links. None of the cases are new, but this is still an interesting recap of intrusions where states were more or less involved.
    Last edited by a moderator: May 19, 2012