Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

U.S. cyber counterattack: Bomb 'em!

PoliTech (998983) writes | more than 7 years ago

The Internet 359

We've all heard of Google bombing, well the US Government takes the expression sort of literally...

U.S. cyber counterattack: Bomb 'em one way or the other

National Cyber Response Coordination Group establishing proper response to cyberattacks

We've all heard of Google bombing, well the US Government takes the expression sort of literally...

U.S. cyber counterattack: Bomb 'em one way or the other

National Cyber Response Coordination Group establishing proper response to cyberattacks

If the United States found itself under a major cyberattack aimed at undermining the nations critical information infrastructure, the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack or an actual bombing of an attack source.

It's almost funny ... except for the fact that such an overreaction is so possible.

Source: U.S. cyber counterattack: Bomb 'em one way or the other

cancel ×

359 comments

Sorry! There are no comments related to the filter you selected.

GNAA? (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#17974924)

Does this mean the GNAA will get nuked? Timecop lives in Japan, you know.

Nuke China back to the Stone Age (er, pre-Stone Ag (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#17975312)

Nuke China back to the Stone Age (er, pre-Stone Age for most of it).

Bombs? That's ok... (4, Insightful)

Black Parrot (19622) | more than 7 years ago | (#17974926)

I didn't want those zombied servers anyway.

Re:Bombs? That's ok... (5, Funny)

Anonymous Coward | more than 7 years ago | (#17975008)

A few bombings ought to move people off Windows.

Re:Bombs? That's ok... (4, Interesting)

anagama (611277) | more than 7 years ago | (#17975078)

Finally a reason (aside from erroneous child porn prosecution) to do something about all those compromised machines. If people thought the police might bust down their door to stop their computer from doing illegal things, they might think about being more responsible. Considering the damage an unattended compromised pc can do, it really is surprising that people don't face liability. If you keep a dangerous instrumentality on your property, and it causes damage to others, you are liable for that if the harm is foreseeable. Considering how the news has been peppered with these stories about compromised pcs causing people problems(*), the harm is now foreseeable.

(*) A total non-geek person I know brought up that AZ child porn case to me in conversation and mentioned she thinks her machine is probably compromised too.

Re:Bombs? That's ok... (1)

koreaman (835838) | more than 7 years ago | (#17975158)

What porn case??

Re:Bombs? That's ok... (5, Insightful)

paeanblack (191171) | more than 7 years ago | (#17975484)

If you keep a dangerous instrumentality on your property, and it causes damage to others, you are liable for that if the harm is foreseeable.

That is only true if all responsible parties are held to a reasonable level of accountability.

If you found out that your oven was, without your knowledge, part of a local arson ring, you'd be pretty upset a being held accountable for the neighborhood damages. You'd probably blame Kenmore for making such a thing remotely possibly in the first place, since it has no connection with how or why you bought the oven in the first place.

Until the hardware mfgrs, OS mfgrs, software mfgrs, and users are all held to roughly similar standards, you can't place all blame on the user.

To put things a different way:
-If 1% of your products cause widespread damage, then 1% of your users are idiots.
-If 5% of your products cause widespread damage, then 5% of your users need training.
-If 25% of your products cause widespread damage, then you are the idiot.

Don't you think that's overkill for MS users? (2, Interesting)

cheros (223479) | more than 7 years ago | (#17975598)

I mean, not every end user chooses to be infected, and it's not like it's easy to get a machine secured whilst online before it gets infected. I'm not quite sure that a warhead on the house is the best way to deal with a part of a botnet.

If you really want to take about liability you'll have to start with a company that sells you a car without brakes, thus creating a huge market for brakes, and is now starting to supply the brakes themselves. Whilst still leaving them out of the original car.

Replace car with "Windows" and brakes with "decent security" and all of a sudden they're wonderful and creating shareholder value and carry no liability for their actions whatsoever whilst charging to the hilt for the privilege. Maybe taking decent action against them may help - it's going to be cheaper than bombs unless some White House friends are in need of tax funds again and need some rebuilding projects to camouflage the handouts.

Yes, I'm a cynic. Live with it.

Re:Bombs? That's ok... (3, Insightful)

Alligator427 (1054168) | more than 7 years ago | (#17975700)

Along the same lines, it has always irked me that (the government) has never considered approaching Microsoft about the severe security flaws to which it's software is subject. Certainly if the most popular operating system in the world were less morbidly insecure, botnets and the like but be far fewer between. After all, these botnets aren't being built out of *NIX machines, so we're really talking about MS software.

I think a certain amount of responsibility lies on the endusers shoulders insofar as they should be expected not to compromise their own machines, but when you get your brand new windows PC it is vulnerable out of the box. It seems to me like microsoft is selling a consumer product that represents a great potential for illegal/malignant misuse, that most consumers are largely unaware of beyond "If I don't install virus-protection software I will get adware on my machine".

I've always found it wildly absurd that no real authority has ever stepped up to microsoft and made them do something about the woeful state of their OS in terms of security. It seems like one of the best responses that we could have to such attacks it to force Microsoft to mend its ways, if at all possible. If not, at the very least, produce some kind of government-issued label as used in cigarrete boxes to indicate to the consumer that "this product is wildly insecure and if you use it, small children will vomit on your shoes". At least in that case you could pass some of the responsibility on the end user.

Re:Bombs? That's ok... (0)

flyingfsck (986395) | more than 7 years ago | (#17975730)

Hmm, 'bombs' - so very American...

botnet (5, Funny)

TheSHAD0W (258774) | more than 7 years ago | (#17974934)

I wonder what their response would be to the attack of a botnet. Carpet bombing, maybe?

Re:botnet (4, Funny)

Cyberax (705495) | more than 7 years ago | (#17974948)

Nuclear arms, of course :) The ultimate solution for spam and cyberattacks.

Re:botnet (1)

CRCulver (715279) | more than 7 years ago | (#17975026)

Wasn't the Internet designed to work around nuclear destruction?

Re:botnet (0)

Anonymous Coward | more than 7 years ago | (#17975204)

Originally, yes. Due to the current economics though, multiple redundant locations are... redundant and gotten rid of for cost reasons.

Re: botnet (5, Funny)

Black Parrot (19622) | more than 7 years ago | (#17974968)

> I wonder what their response would be to the attack of a botnet.

Good thing the story isn't on a DoD site, or Slashdot might get some retaliatory cruise missiles.

Re:botnet (1)

tomhudson (43916) | more than 7 years ago | (#17974992)

Hey, its one way to get rid of spammers ...

Quick, everyone add a bunch of anyone@pentagon.mil and someone@whitehouse.gov addresses to your posts for spam address harvesters.

Re:botnet (1)

ghstomahawks (847102) | more than 7 years ago | (#17975004)

Of course not! Our government would release a counter-virus to infect the computers that attack, in effect hijacking the botnet for it's own purposes. It would then launch a massive distributed computing effort to aid in the creation of one collective government database containing all the information it has about any citizen. This of course would make all the information available to the poor souls whose computers were "recruited" to the effort.

*wild applause*

Re:botnet (1)

Kpt Kill (649374) | more than 7 years ago | (#17975182)

en
int fa0/15
shut

Re:botnet (0)

Anonymous Coward | more than 7 years ago | (#17975222)

All your DDoS are belong to us.

Re:botnet (1)

msobkow (48369) | more than 7 years ago | (#17975446)

Sadly enough, they would be just that stupid. :(

Re:botnet (2, Funny)

mrbluze (1034940) | more than 7 years ago | (#17975458)

Depending on the location of the computers, it might be a carpet bomb, or a bunker buster if it's a teenager's PC in a basement somewhere, or if they run on expensive computers running *nix, a cluster bomb, or if it's a server farm, they might use napalm with agent orange...

Re:botnet (3, Funny)

mrbluze (1034940) | more than 7 years ago | (#17975500)

.. or a nude bomb if the attacker is spreading porn, or a great big armoured bulldozer to dig up a worm attack, or a bunch of soldiers with spears and shiny metal shields and stuff if it's a Trojan, or a firetruck if the enemy runs a firewall...

Re:botnet (1)

Deanalator (806515) | more than 7 years ago | (#17975624)

The security on botnet nodes is normally pretty weak, so is should be feasible to just crack that node, and see who is connected to it.

An option... (5, Funny)

yourexhalekiss (833943) | more than 7 years ago | (#17974942)

That's an option that the Feds have that the average whitehat doesn't: calling in airstrikes against the DOSer.

What a way to dispel a myth... (2, Interesting)

Anonymous Coward | more than 7 years ago | (#17975482)

Well some of the world thinks your a crazed bunch of war mongers, but this story, erm, never mind...

What do you bet we'll get stories about Cyber attacks from Iran. This sounds like a war machine trying to make another war, since the last ones not going so well.

Military action is unlikely to be a solution (4, Insightful)

Space cowboy (13680) | more than 7 years ago | (#17974962)

In the event of a massive cyberattack against the country that was perceived as originating from a foreign source, the United States would consider launching a counterattack or bombing the source of the cyberattack, Hall said. But he noted the preferred route would be warning the source to shut down the attack before a military response


There's a lot wrong with this. Off the top of my head...

Any sustained attack on network infrastructure, on the scale that they're talking about, is almost certainly going to be a distributed attack. Botnets have no patriotic allegiance, their locality is a function of machine vulnerability (eg: N. Korea's dependence on Active-X), not politics.

If I'm crafting an attack, I don't have to even tell the truth about my IP address, TCP allows the sender to specify a (fake) IP address. Obviously I won't get any replies, but I don't care if I'm simply out to cause damage

Geolocation of IP addresses is pretty much a black art as well - there's far too much variability by IP address to try and localise to the precision needed for bombing the source. My hostip.info [gornall.net] website only attempted to locate to the /24 netblock, and even then only managed ~50% accuracy.

Not to mention that it's a pretty big precedent to set... At least they're talking about talking, before bombing; the problem is that if you make a threat to bomb someone, you have to be prepared to carry it out. Countries can't afford to be seen to be bluffing when it comes to things like this, the impact on future negotiations is too high.

Simon.

It doesn't matter where the attack in terms of ip (1, Interesting)

Anonymous Coward | more than 7 years ago | (#17975050)

All that matters is what their intelligence tells them. If the intelligence points to North Korea being responsible for the attack, regardless of where the actual attacking machines are, then they'll get bombed. The bombing isn't meant to stop the attack directly, but rather indirectly. If the blackhats are doing it for money, and they money source is cut-off, do you really think they're going to keep at it?

Re:It doesn't matter where the attack in terms of (4, Insightful)

Anonymous Coward | more than 7 years ago | (#17975186)

No, North Korea won't get bombed. They have got nuclear weapons, but they haven't got any oil.

You can be quite sure, even now before the attack has started, that the intelligence will point to Iran being responsible. In fact, it is most likely that Iran will be have to be bombed before the cyber attack starts, in order to preempt it

Re:It doesn't matter where the attack in terms of (0)

Anonymous Coward | more than 7 years ago | (#17975234)

I think we may have learned not to trust the "intelligence" coming out of this administration (well, at least the selective kind a certain person in the White House has deemed as a reasonable basis for attacking a sovereign country). If what you are saying is the correct response, it damn well is going to be easy to get one country to bomb another country inadvertently by faking the "indirect" source of a network slowdown. This is all dumb anyways - the Internet is designed to be robust. And it is just a network. If some "rogue" nation or group of individuals comes up with a way to make a serious impact on the Internet, the solution is technical not funding Halliburton.

Re:It doesn't matter where the attack in terms of (2, Insightful)

Poppler (822173) | more than 7 years ago | (#17975548)

I think we may have learned not to trust the "intelligence" coming out of this administration
Unfortunately, that doesn't seem to be the case.

NY Times - U.S. Presents Evidence of Iranian Weapons in Iraq [nytimes.com]

The article does mention that the claims about Iran "[are] bound to generate skepticism among those suspicious that the Bush administration is trying to find a scapegoat for its problems in Iraq and, some political analysts and White House critics believe, is looking for an excuse to attack Iran." Beyond that, it appears to be the same sort of echoing of administration propaganda (conveyed by unnamed intelligence officials) that we saw in the run-up to the invasion of Iraq.

Re:Military action is unlikely to be a solution (4, Informative)

CRCulver (715279) | more than 7 years ago | (#17975240)

Botnets have no patriotic allegiance, their locality is a function of machine vulnerability (eg: N. Korea's dependence on Active-X), not politics.

South Korea has a problem with banks etc. relying on Active X. North Korea has little computer use to speak of.

Re:Military action is unlikely to be a solution (1)

zoomshorts (137587) | more than 7 years ago | (#17975474)

They are hiding their computer acumen. They puchase the same technology as anyone else does. Through the SAME channels.
OPYN

Re:Military action is unlikely to be a solution (1)

StikyPad (445176) | more than 7 years ago | (#17975726)

North Korea has little computer use to speak of.

So you're saying they've mastered miniturization now?

Re:Military action is unlikely to be a solution (3, Insightful)

thePsychologist (1062886) | more than 7 years ago | (#17975412)

Let's also not forget that the general public understands much less about a cyberattack than a good ol' fashioned physical attack. Hence, it's much easier for the government to tell the public that they were in severe danger because "the internet was in danger" or whatever obfuscationt they'll use, when in reality they were pinged fifty more times than average. This is really just another reason to take out the guns, and we all know they're having a difficult time justifying military action these days.

Re:Military action is unlikely to be a solution (1)

i_should_be_working (720372) | more than 7 years ago | (#17975486)

So, what you're saying is, this is a good way to get the US to bomb itself?

Re:Military action is unlikely to be a solution (2, Informative)

Miseph (979059) | more than 7 years ago | (#17975682)

What you're forgetting is that WE have blackhats too. The idea isn't to stop the botnet, because we can't do that nearly as fast as 'they" can open up a new one... if we could, botnets wouldn't be a problem in the first place. I think the idea is that if a botnet/virus/whatever is used to "attack the internet" (a notion that I believe to be intentionally broad, much like "attack the country", not necesarily to justify doing whatever we want, but so that we aren't pigeonholed by a narrow definition), then we are going to "attack", with whatever force and technique seems most reasonable (ie. we don't drop bombs on the homes of bank robbers, nor do we send a couple of uniforms armed only with 9mm pistols and handcuffs to arrest government sponsored death squads) the people behind it. If that means back hacking, packet tracing, following convoluted money trails, reverse engineering, traffic analysis, or whatever else we can think of to find the person(s) responsible, then so be it.

Military action might be unlikely if the attacker is, say, a 15 year old kid writing trojans that let him simultaneously crash hundreds of major network hubs as some sort of "practical joke", because once found they would probably just arrest the kid and give him 20 years in federal "pound me in the ass" prison. If, on the other hand, the same thing were done by a team of Chinese black hats for the purpose of undermining our infrastructure in the moments before launching a surprise attack on Taiwan and the US fleet protecting it, a SWAT team is going to be in a little over their heads.

Great (0)

Anonymous Coward | more than 7 years ago | (#17974976)

Another act of war without a vote by our cowardly Congress. If Jefferson were here he'd have to vomit.

Re:Great (1)

gravesb (967413) | more than 7 years ago | (#17975148)

Responding to an act of war without an act of Congress is perfectly legal. And I think you don't understand Jefferson, who believed that the Constitution should be re-written every generation or so to keep up with the times.

Re:Great (0)

Anonymous Coward | more than 7 years ago | (#17975518)

I think you dearly misunderstand if you believe a man such as Jefferson would ever condone such over-responses and blatant aggressions by the United States.

We have become the terrorists of the world. Our terror campaigns in the non-conforming Muslim worlds has stricken fear in the hearts of billions. We are hoping by our threats and prior acts of terrorism that people will be terrified into conceding and conforming. Join the Christian, Capitalist society of be annihilated, there is no room for other systems is the message our government is sending.

I certainly abhor this message and am ashamed to be an American now. I hope someday soon I can change this opinion again.

On a similar note, I also detest the uppity Euro trash that seem to think all Americans agree with our government and try to pretend they understand the foundations. They are the most ignorant bunch of them all. It's racism for the 21st century. Europe has always been overly close minded about many things though.

bomb ourselves? (0)

Anonymous Coward | more than 7 years ago | (#17974978)

what if the source was on U.S. soil in a major city?

Re:bomb ourselves? (1)

gravesb (967413) | more than 7 years ago | (#17975174)

Probably just send in the FBI.

Re:bomb ourselves? (1)

LoverOfJoy (820058) | more than 7 years ago | (#17975208)

If the source is in the U.S. then we have other options.

Re:bomb ourselves? (0)

Anonymous Coward | more than 7 years ago | (#17975430)

Like Gitmo Bay

yes... (1, Funny)

macadamia_harold (947445) | more than 7 years ago | (#17974986)

We've all heard of Google bombing; the US Government may be taking the expression rather literally.

And it has as much to do with an actual bomb as an Aqua Teen Hunger Force advertisement.

spoof (5, Interesting)

brenddie (897982) | more than 7 years ago | (#17974988)

So if we can spoof enough IP's we can get the USA to bomb any country of our choosing.... interesting.

Re:spoof (5, Funny)

ghstomahawks (847102) | more than 7 years ago | (#17975128)

What about a certain ranch in Texas ....?

Re:spoof (0, Offtopic)

Sponge Bath (413667) | more than 7 years ago | (#17975602)

What about a certain ranch in Texas ....?

Whoa now, what do you have against hookers?
A haw haw haw haw.

Note to the clueless (1)

Henry V .009 (518000) | more than 7 years ago | (#17974996)

Now you can call in U.S. airstrikes against anyone you don't like by zombifying their computers. Hell of a lot more fun than DOS'ing IRC channels.

Easy response... (1)

Junta (36770) | more than 7 years ago | (#17974998)

iptables -I FORWARD -s -j DROP
iptables -I INPUT -s -j DROP

Replace with favorite firewall appropriate commands.

MUCH quicker, cheaper, and probably more effective than trying to blow up the source.

Re:Easy response... (2, Informative)

jmauro (32523) | more than 7 years ago | (#17975088)

Won't work if the pipe you're trying to use is flooded with useless data, since you're not actually stopping the attack at the source and your bandwidth is limited. You've only prevent them from getting into your network, not actually stopping the DOS which is kind of the point.

Now what fun is that? (1)

AmazingRuss (555076) | more than 7 years ago | (#17975108)

...and how does it boost the weapons production portion of GNP?

Bombs solve all problems, and require very little forethought to use. Everyone is impressed by large explosions...virtually nobody is impressed by iptables rules.

Re:Now what fun is that? (1)

Yetihehe (971185) | more than 7 years ago | (#17975546)

You haven't seen those REALLY big iptables rules, have you?

denial of service (3, Interesting)

oohshiny (998054) | more than 7 years ago | (#17975000)

Well, this has some great potential for denial of service attacks by forging the source of a cyber attack.

Re:denial of service (5, Funny)

TubeSteak (669689) | more than 7 years ago | (#17975192)

Well, this has some great potential for denial of service attacks by forging the source of a cyber attack.
The practical joker in me can't wait until someone forges an attack using the WhiteHouse.gov IP.

OTOH, I suspect that the NSA & DoD aren't that stupid

Today, thousands of "packet kiddie" groups... (0)

Anonymous Coward | more than 7 years ago | (#17975032)

... Pledge support to the U.S. government in support of the war on terror, ushering in a new era of legalized DDoS in the name of Freedom!

I always knew the day would come when I could be an e-privateer, sanctioned by the U.S. government!

w4 c0rps pledges utmost support and 200,000 bots -- irc.gamesurge.net #w4r

tilte confusing, google has nothing to do with it. (4, Insightful)

deft (253558) | more than 7 years ago | (#17975052)

At first I thought the US government might be using it's PageRank power to make terms like "nuclear threat" bring up URL's like iran.gov (or whatever their whitehouse.gov correlary might be). In fact it was just a weak attempt to use the word bombing twice and mislead.

Instead, the US is just aknowledging that attacks on it's internet infrastructure can be responded to just like physical attacks.... by military attack.

Is anyone suprised that if one place was pinpointed as the source of the attack on any countries infrastructure it might be a target? I'm not. The net is more important than some buildings at this point.

The only thing I'm suprised is to expect any attack to be from one place... I'd expect it to be distributed. But thats ok, we have bombs for that too. ouch.

quicken the disolving of the union. (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17975072)

I can't wait tilll some 13 yeare old makes us bomb a charity site in the ukraine.
You think this is a bad thing?
It all goes to hasten the secession of the northern states from the inbread war mongering oil states.

What if the source is in the US? (0, Redundant)

Professr3 (670356) | more than 7 years ago | (#17975080)

I know the USA has at least as many stupid computer users as the rest of the world - what happens when an all-USA botnet starts attacking our own infrastructure?

Re:What if the source is in the US? (1)

AmberBlackCat (829689) | more than 7 years ago | (#17975622)

If this is serious then I suspect they would only actually bomb a place they were looking for an excuse to bomb anyway. Maybe an oil-rich nation. If it happens in this country, I suspect they'd fight it by enacting CAN-SPAM 2, which will eliminate botnets by forcing all American citizens to surrender DNA samples.

Uhh... woudln't just be easier... (5, Funny)

thestudio_bob (894258) | more than 7 years ago | (#17975082)

Uhh... woudln't just be easier to bomb the source. It's not like we don't know where Micro$ofts head quarters are.

Re:Uhh... woudln't just be easier... (1)

fuego451 (958976) | more than 7 years ago | (#17975350)

I was thinking the same thing. Or, perhaps a super-computer to track all M$ machines/networks that could bump them off the tubes at the first sign of a problem.

Bring 'Em On (1)

Doc Ruby (173196) | more than 7 years ago | (#17975084)

I can't wait for Bush and his Pentagon to protect us from cyberwar. After all, the Bush doctrine of using one attack on us to justify attacking someone who hadn't attacked us, distracting us from [wikipedia.org] the original attacker [google.com] , is really paying off [google.com] .

Besides, with cyberattacks [google.com] on both US government and civilian targets raging for years without either the FBI or military doing anything effective to protect us, they're bound to show nothing but improvement [google.com] , right?

Re: Bring 'Em On (3, Informative)

Black Parrot (19622) | more than 7 years ago | (#17975140)

> I can't wait for Bush and his Pentagon to protect us from cyberwar. After all, the Bush doctrine of using one attack on us to justify attacking someone who hadn't attacked us, distracting us from the original attacker, is really paying off.

Hey, current thought among the Bush administration and the neocon "thinkers" that got us in to all this, is that if you blow one war you should start another one so you can try again.

Hell Yeah (0)

Anonymous Coward | more than 7 years ago | (#17975378)

After all, the Bush doctrine of using one attack on us to justify attacking someone who hadn't attacked us, distracting us from the original attacker, is really paying off.

Actually it really has, because there hasn't been a successful terrorist attack on US soil since 9/11.

By taking the fight to the enemy, and being proactive, Bush has done a good job of protecting Americans.

Re:Hell Yeah (2, Insightful)

EGSonikku (519478) | more than 7 years ago | (#17975492)

I have a magical stone that protects me from tiger attacks. I have been using it for years and not one attack!

This proves it works.

Re:Hell Yeah (1)

Millenniumman (924859) | more than 7 years ago | (#17975696)

Where can I buy one?

Re:Hell Yeah (4, Interesting)

Doc Ruby (173196) | more than 7 years ago | (#17975516)

The real way to look at it is that there was a successful terrorist attack a year into Bush's responsibility. And since then, Bush has achieved so many more terrorist goals than any little terrorist could on their own that there's little need. Including killing thousands more Americans, destroying our military, bankrupting our treasury and our morals. And most especially destroying our freedoms and sense of security by sowing massive terror every time Bush shows his face in public.

If there had been another planebomb, you'd use that to justify Bush getting even tougher. Just like you're surely cheerleading Bush's current escalation in Iraq. You zombie Republicans are so predictable.

No one believes that gibberish about fighting them there so we don't have to fight them here. Except maybe you, Anonymous Dick Cheney Coward.

Terrorists.... (0)

Anonymous Coward | more than 7 years ago | (#17975104)

They hate our freedoms.net!

Instead of physical bombing (3, Insightful)

gravesb (967413) | more than 7 years ago | (#17975110)

I would rather see cyber counter attacks. Yes, a lot of the targets would be innocent bots, but the counter attack could be as simple as taking them off line. If you remove enough bots, the attackers either have to give up, or begin to use bots closer to their own computers, until eventually they would have to use their own computers. Taking that many computers off line through cyber attacks is not something to be undertaken lightly, but if the incoming attack is sufficient to have a significant negative impact on infrastructure, then its probably justified. And maybe, if we start having massive cyber battles that this seems to imply, maybe Joe Public will stop clicking install this now banner ads and allowing his computer to become a bot. But probably not.

Re:Instead of physical bombing (1)

nickull (943338) | more than 7 years ago | (#17975618)

I think their plan is to just re-route all incoming USA bound HTTP traffic to myspace. ;-)

Slashdotted:No more submissions to .gov/mil sites (5, Funny)

NZheretic (23872) | more than 7 years ago | (#17975112)

To Commander "Taco"
Please cease and desist linking to site xxx.mil ( reacted ) or whitehouse.gov or else we will bomb you.

Signed G.W. Bush.

Re:Slashdotted:No more submissions to .gov/mil sit (1)

my_haz (840523) | more than 7 years ago | (#17975304)

If OP doesn't get mod-ed (+5 Funny), then there is no hope for /.

I doubt if he'd say please. (1)

ThatsNotPudding (1045640) | more than 7 years ago | (#17975680)

Or spell commander correctly.

Scene from the War Room (5, Funny)

mbstone (457308) | more than 7 years ago | (#17975160)

General, the bombers are ready to go and the cruise missiles are fully fueled. And our intel group has pinpointed the source of the attack. It's coming from 127.0.0.1 .

problem solved (1, Funny)

Anonymous Coward | more than 7 years ago | (#17975178)

Spoof the attack from an ip block that originates at the pentagon; government bombs the 'source' of the attack. Buh-bye pentagon. The people rejoice.

I can't wait! (1)

pair-a-noyd (594371) | more than 7 years ago | (#17975180)

The dribbling idiot DumBya is going to put a cruise missle up the ass of these scumbags that pound my email accounts with penny stock crap and ads for penis pills!

Yay! About time!

Attack the source? (3, Funny)

bizitch (546406) | more than 7 years ago | (#17975214)

.... well you can kiss Redmond, WA goodbye ;)

Re:Attack the source? (1)

subl33t (739983) | more than 7 years ago | (#17975692)

You sir, deserve to be modded up.

But what if... (3, Funny)

OriginalArlen (726444) | more than 7 years ago | (#17975250)

...the network fights back? Huh? D'ye ever think of that? And then it'll launch all the old ICBMs, oh yes, and then androids will stalk the smoking ruins hunting down and shooting the last holdout remnants of the Republican Party.

I think.... (5, Insightful)

Derek Loev (1050412) | more than 7 years ago | (#17975254)

I think that we're all reading too much into this. The article is basically saying that if somebody is going to attack the US in a way that would be damaging to the country that US is prepared to retaliate...by any means necessary.
I'm not sure if I agree with everything in the article but it is the Government's job to protect this country and there are a lot of businesses and people that demand on the internet. If some outside source could mess with this it would be devastating to the economy and the country...

let the sleeping giant lie (1)

iphone-shuffle (1062880) | more than 7 years ago | (#17975280)

Do you remember the game "America's Army"? http://ve3d.ign.com/articles/579/579289p1.html [ign.com] In the early 1940's, Japan learned an important lesson - "let the sleeping giant lie."

Obligatory (1)

codeshack (753630) | more than 7 years ago | (#17975344)

I say we nuke the site from orbit.

It's got a whole new meaning now, don't it?

Re:Obligatory (1)

EGSonikku (519478) | more than 7 years ago | (#17975512)

It's the only way to be sure ...

OMG (1)

Elektroschock (659467) | more than 7 years ago | (#17975384)

What are they spending the billions on? I see why libertarian propaganda is so common in the US.

Bomb MIT (1)

Infonaut (96956) | more than 7 years ago | (#17975394)

More targets.

Redefines... (4, Funny)

DimGeo (694000) | more than 7 years ago | (#17975402)

... Internet Exploder... Click that link and you and your entire fraking town are history.

I see it now (4, Interesting)

aschoeff (864154) | more than 7 years ago | (#17975410)

Both the RIAA and the MPAA manage to insert sufficient language into some unrelated bill (ala what they tried with the Patriot Act) that authorizes preemptive strikes against p2p networks, saying that they could serve as massive distributed attack vectors against our nation's cyber-infrastructure.

Flip forward a few weeks. I wake up on a typical Sunday like today and start up Azureus. Within a couple of minutes, a tomahawk cruise missile is launched from a regional military installation.

The upside of my imminent demise is my last minutes will be spent mellowly and obliviously perusing mininova, seeing if anyone uploaded a torrent for that one episode of The Daily Show I missed last Thursday.

If only I had stayed up past 10PM that night, I would never have brought this on myself.

oh really - this is just hilarious (4, Funny)

toby (759) | more than 7 years ago | (#17975454)

When you're a country with a hammer, everything looks like a snowglobe, eh?

Solid evidence (1)

Wolfier (94144) | more than 7 years ago | (#17975472)

Is it just me, or does anyone think that using a cyber attack as a basis for physical retaliation would make it too easy to fake justifying evidence? Electronic evidences are easy to fabricate and hard to disprove.

If US can produce gigabytes of logs "proving" that someone in another country is attacking their computers, would that give them the right to physical military actions, in the lack of other form of evidences?

Don't fear! (1)

renoX (11677) | more than 7 years ago | (#17975476)

(sarcasm) The USA has a very good intelligence service, they will for sure find the correct location of the attackers, look how good they were to locate WMD recently!

 

Re:Don't fear! (1)

Mixel (723232) | more than 7 years ago | (#17975646)

Target lock, one-two-seven-point-zero-point-zero-point-one. Confirm.

Roger alpha one.

*radio noise*

Come in alpha one..

*radio noise*

Come in..

Bullshit (1)

Joebert (946227) | more than 7 years ago | (#17975560)

the Department of Defense is prepared, based on the authority of the president, to launch a cyber counterattack

I call bullshit.
If they're confident in having a cyber counterattack, there would be no need to worry about anything that would warrent a counterattack.

They have nothing, it's a bluff.

re: (3, Interesting)

Kynmore (861364) | more than 7 years ago | (#17975562)

It sounds like something from a William Gibson novel. Only difference is our government isn't a corporation.

These people need to remember what their jobs are. (1)

Sj0 (472011) | more than 7 years ago | (#17975566)

How about they actually work on a plan to prevent ACTUAL attacks from HARMING US CITIZENS AND SOLDIERS?

You know, seeing as that's what the present danger to the nation actually is?

It's all well and good to think of ways we could possibly be attacked while our people aren't dying every day, but right now, these people should be hung as traitors for wasting time and taxpayer dollars doing anything OTHER than finding the best possible way to protect our soldiers abroad, and our people at home.

Web Services and DoS attacks? (1)

nickull (943338) | more than 7 years ago | (#17975574)

If I wanted to launch an attack, the most effective type would be a Denial of Service type attack against critical infrastructure targets. These are the hardest types of attacks to guard against given the attack is not about compromising the target, just rendering it useless for others. There are some steps that make sense (recgonizing a DoS attack and instantly reconfiguring the firewall to drop all packets form the attacker), but a large scale attack from multiple roaming sources might be impossible to mitigate in a timely manner. Also - most defenses like the one above are based on the assumption you know where the packets are coming from. Most DoS attacks masquerade their true IP addresses and spoof others so it might be able to trick the defense into actually taking malicious action against a legitimate source. I also worry about some of the web service extensions currently under development in various standards bodies. Using certain flags like the Web Services Reliable Messaging Nacks (basically stating that they explicitly did not receive a message the endpoint was expecting), a smart attacker could trick a huge number of WS-RX endpoints into sending back messages to a single IP address. This smurf style DoS attack could be orchestrated by using smaller SME's with less than mature IT systems to attack larger targets without even compromising a single SME machine. Given the WS push to get businesses to adopt, I find this a bit worrying. I've raised this as an issue in the past.

Iran (1)

Sodki (621717) | more than 7 years ago | (#17975608)

And I bet the source of the attack will be Iran. Nice strategy.

So wait... (1)

grasshoppa (657393) | more than 7 years ago | (#17975712)

Who do we bomb if the attack is coming from a botnet in our own US of A?

public wifi (1)

mpoloks (1062844) | more than 7 years ago | (#17975728)

so you are telling me they may bomb an airport with thousands of innocent
because of one bad guy using the public wifi network?

creates a new meaning for wifi hotspot
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>