Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Germany Readying Offensive Cyberwarfare Unit, Parliament Told

timothy posted more than 2 years ago | from the approve-or-face-our-blackmail-threats dept.

Government 55

concertina226 writes to note that it's not just the U.S. that's increasingly open about using malware as an offensive tool of state security: From the TechWorld story: "According to German reports, the Bonn-based Computer Network Operations (CNO) unit had existed since 2006 but was only now being readied for deployment under the control of the country's military. 'The initial capacity to operate in hostile networks has been achieved,' a German press agency reported the brief document as saying. The unit had already conducted closed lab simulations of cyber-attacks." "Unlike physical attacks," concertina226 writes, "cyber-weapons can't be isolated from their surroundings with the same degree of certainty. If, as a growing body of evidence suggests, the U.S. Government sanctioned the use of cyber-malware such as Stuxnet, are the authorities also held responsible should such campaigns hit unintended victims?"

cancel ×

55 comments

Sorry! There are no comments related to the filter you selected.

Offended (0)

Anonymous Coward | more than 2 years ago | (#40245043)

This German Cyberwarfare Unit? I consider it Offensive.

Re:Offended (-1)

Anonymous Coward | more than 2 years ago | (#40245179)

It has it's uses. [resist.com]

oh (0)

Anonymous Coward | more than 2 years ago | (#40245091)

oh

so we must prepare now (3, Funny)

Anonymous Coward | more than 2 years ago | (#40245231)

for a bitskrieg?

Re:so we must prepare now (1)

DragonDru (984185) | more than 2 years ago | (#40245383)

If the Germans are announcing this, I can imply that many governments have just such an organization. I don't think my 1337 skills are up to the task of fighting off actual armies.

Re:so we must prepare now (1)

xevioso (598654) | more than 2 years ago | (#40246299)

This is a great pun, and it's a word I predict will be used much more often.

Re:so we must prepare now (1)

An ominous Cow art (320322) | more than 2 years ago | (#40248887)

Mein Paket-Sniffer hat keine Nase.

Anyone with servers in Austria, France.... (0)

Fallingcow (213461) | more than 2 years ago | (#40245245)

Denmark, Norway, Poland, the Benelux states, etc., should consider moving them elsewhere.

Already Incorporated (-1)

Anonymous Coward | more than 2 years ago | (#40246103)

Your comment is amusing, it is even more so because you don't seem to realize Germany already controls all of Europe.

Especially now that Germany is paymaster and once again leading Europe politically and fiscally.

It's our own damned fault (1)

ka9dgx (72702) | more than 2 years ago | (#40245253)

Instead of fixing this situation (our broken computer security model) we've been blaming Vendors, Users, Programmers, government. None of this is going to fix it.

When you can confuse a root process and get root, nothing is safe. Windows, Mac, Linux, all are vulnerable to this.

It doesn't have to be this way.

Re:It's our own damned fault (1)

SuricouRaven (1897204) | more than 2 years ago | (#40245409)

Then what is your alternative?

Re:It's our own damned fault (2)

Slyfox696 (2432554) | more than 2 years ago | (#40245547)

Then what is your alternative?

The return of Sneakernet.

Re:It's our own damned fault (1)

noh8rz3 (2593935) | more than 2 years ago | (#40246025)

I think this is valid, especially for large networks. does the computer of a secretary in alabama need the capability to access payroll data in new york city? break the links in the network, so each computer can connect to reasonable resources but not extensive. This contains any rampant issues.

similarly, payroll transmits data monthly to banks. does the sensitive payroll data need 24x7 online access?

Re:It's our own damned fault (1)

ka9dgx (72702) | more than 2 years ago | (#40247387)

It's not the scale of the networks that is the real problem. It's the need to trust code that is the big issue. If a program can be tripped up, or in any way manipulated to do something, it becomes the basis of a system breach. If the scope of what can be done by a process is by default limited to a very select set of actions, you eliminate this basis of attack.

It the person in Alabama needs access to the payroll, that's fine. But why does she need write access to the system folder? Why does that same process need to be able to upload files to the internet at large?

Re:It's our own damned fault (1)

noh8rz3 (2593935) | more than 2 years ago | (#40247831)

did you read teh apple i0s security design document? it talks a lot about "chain of trust" from boot-up through application use. this sounds like what you're talking about. as stephen hawking would say, "it's turtles, all the way down!"

Re:It's our own damned fault (1)

ka9dgx (72702) | more than 2 years ago | (#40247921)

Chain of trust doesn't do jack sh*t for the security as far as users are concerned. It's all about DRM.

If the user doesn't have a way to tell the OS exactly what side-effects they are willing to tolerate from a program they want to run, then how is the OS supposed to know?

Linux, Windows, Mac all don't even have a way to express this intent, let alone code to enforce it.

Re:It's our own damned fault (1)

noh8rz3 (2593935) | more than 2 years ago | (#40249091)

please don't use bad language. it makes the internet much coarser, not to mention the person who says it and the person who reads it.

OOPS (1)

ka9dgx (72702) | more than 2 years ago | (#40354719)

It turns out that you should care about the "chain of trust", and "trusted computing base" type terms, but not if they are used to back DRM.

When you do want to pay attention is when the developers of Genode talk about them in their development of a microkernel based (pick 1 of the 8 they offer) operating system which uses capability based security, and yet can run linux inside of itself.

Genode is cool stuff...

Re:It's our own damned fault (1)

eriqk (1902450) | more than 2 years ago | (#40274199)

The return of Sneakernet.

Sneakernet didn't protect Iran against Stuxnet.

Re:It's our own damned fault (4, Interesting)

ka9dgx (72702) | more than 2 years ago | (#40245657)

Instead of running processes with all the rights of the given user account, use Capability Based Security. This means that for a given process, at run-time (not before hand like app-armor), you tell the OS which files and access type a process will need. This doesn't fix everything, but it does let you isolate security decisions and eliminate the side effects of running any code (trusted, untrusted, or downright evil) to the capabilities you chose to give it. This means that even if you confuse a process, you can't get more capabilities than it was given. Privilege escalation goes away, which is a major attack vector, along with stack injection, buffer overflows, etc. (Of course it does require a secure kernel, which you have to trust).

It's my firm believe that capability based security will eventually be what we all use... but due to the need to make people aware of the concept (which is several layers of abstraction away from what we usually deal with) and the cost of revamping everything... we're still 15 years out.

Re:It's our own damned fault (2)

0123456 (636235) | more than 2 years ago | (#40246045)

We already have that with Apparmor and SELinux. The problem is that common attack vectors such as web browsers already need access to all files on the machine; how can you upload that Lolcat picture to Facebook if your web browser is restricted to only accessing specific files on your system? How can you prevent a malware addon installing by blocking writes to the addon install directory if the web browser supports automatic installation of addons?

So it's an improvement, but still leaves big holes.

Re:It's our own damned fault (1)

Anonymous Coward | more than 2 years ago | (#40246657)

web browsers already need access to all files on the machine

1. Applications don't get access to user files, unless
2. The user has explicitly opened the file in the application using a secure OS file open dialog, in which case
3. The OS passes a list of file names and read-only handles (or file descriptors or whatever) to the application.

I don't know if Apparmor or SELinux do this, but that's how you do it right.

Offensive? (0)

Anonymous Coward | more than 2 years ago | (#40245265)

I was hoping there were going to stumble about farting, making off-colour jokes and reaching across other people's plates to get the ketchup.

Achtung, achtung internet freunde ... (0)

Anonymous Coward | more than 2 years ago | (#40245387)

On other news "Lebens Interraum" is new bookshelf buster ...

[ducks]

Room for IPv6 (1)

andersh (229403) | more than 2 years ago | (#40246165)

Notice that this was announced shortly after IPv6 was "rolled out". You're right, they're looking for more space, address space!

Offensive Unit (0)

Anonymous Coward | more than 2 years ago | (#40245397)

No, no, no, you all misunderstand. By "Offensive Cyberwarfare Unit", they just mean the group will be incredibly rude. It's all in intimidation, people!

Re:Offensive Unit (0)

Anonymous Coward | more than 2 years ago | (#40245927)

LOL, love it. Germans are (AFAIK) not knowingly rude. Arrogant, yup, often and sometimes to a level not seen anywhere else in Europe (which is great, because there's nothing more fun than embarrassing people like that). Brutally direct? Yup, but that's not a bad thing IMHO. But rude (other than in arrogant)? No, not really.

Re:Offensive Unit (1)

eriqk (1902450) | more than 2 years ago | (#40274213)

No, no, no, you all misunderstand. By "Offensive Cyberwarfare Unit", they just mean the group will be incredibly rude. It's all in intimidation, people!

4chan.de/b/?

Reads like a Cyberpunk novel (1)

ConaxConax (1886430) | more than 2 years ago | (#40245451)

The future is here guys!

Compare (0)

Anonymous Coward | more than 2 years ago | (#40245477)

When we are at war we do not compensate innocents struck with bombs or bullets. To suggest that we will compensate innocents who are unintentionally injured by cyber warfare would severely effect the ability of our nation to defend itself. Sadly, where ever there is conflict there will always be innocent victims caught in the cross fire.

Re:Compare (0)

Anonymous Coward | more than 2 years ago | (#40246683)

To suggest that we will compensate innocents who are unintentionally injured by cyber warfare would severely effect the ability of our nation to defend itself.

Only a citizen of a nation not joined in the ICC could say something like that.. ;) On the other hand, what is the difference between a prank gone bad, or a nihilist eco-terror-mass-murder-tool-from-the-12-monkeys, and a weapon of war? Accuracy, predictability and the ability to target the weapon. For the same reasons anthrax is a much better bio weapon than a virus and there are international agreements to ban personnel mines and limit various other weapons taking innocent lives.

REMEMBER NEVILLE CHAMERLAIN - PEACE IN OUR TIME !! (-1)

Anonymous Coward | more than 2 years ago | (#40245481)

It's the Germans for crying out loud !! Don't they have a constitution outlawing this from happening YET AGAIN !! Britain !1 Ready your Arms !! The FIGHT IS ON !!

'Cyber-malware'? (0)

Anonymous Coward | more than 2 years ago | (#40245535)

Cyber-malware? As...opposed to...um...this 'cyber' business is getting out of control and we'll be lucky to live through it. Cyberwarfare with cyberwarriors and cybermalware in cyberspace. What year is this? 1995?

Re:'Cyber-malware'? (0)

Anonymous Coward | more than 2 years ago | (#40250709)

It's virtually a virtual cyberwar.

Why not? It's cheap. (5, Insightful)

Beardo the Bearded (321478) | more than 2 years ago | (#40245587)

Bombs are expensive. You want to stop enemy production in a war, right? So you blow up the factories, the power plants, etc.

What if, instead of blowing them up, you just shut them all off? It worked with Iran's atomic development and ushered in a new era of warfare. Up until WWI, war was a grand and glorious adventure, swords and arrows, showing the bad guys what for! Then chemical weapons killed so many people all at once, the game wasn't fun anymore, but you could still send your plebians out to rattle your sabres. Once atomics showed up, we go to the point where war could kill the country's leaders as well as the people sent out to the front lines.

This new era lets anyone, anywhere, pick off any target. You can shut down an Iranian centrifuge. You can dig up dirt on the Prime Minister and give it to the newspaper. Everyone with an Internet connection has the potential to hold a weapon far more dangerous and far more powerful than anything that goes "bang". We can make anyone, anywhere, go "whimper".

That's why we're seeing cyberwarfare units and Internet censorship / monitoring. We can't have people rocking the boat.

Re:Why not? It's cheap. (0)

Anonymous Coward | more than 2 years ago | (#40245813)

But that's exactly the problem: when war is cheap, the primary reason for war no longer exists (it being the fastest way to convert tax money into fat profits for the chosen few). Personally, I don't see cyberwar be a major component of warfare, only of espionage.

Re:Why not? It's cheap. (3, Insightful)

TubeSteak (669689) | more than 2 years ago | (#40246281)

This new era lets anyone, anywhere, pick off any target.

And that right there is the problem.
In the past, when war was purely about bombs and boots on the ground, you could rely on your physical defenses and alliances to protect you from retaliation.
The USA and Germany don't have to worry about Jihadist drones dropping bombs on New York or Dusseldorf,

But they certainly have to worry about malicious hackers with a grudge.
Today, the internet is such a soft target that it's tragic.

The developed world may be starting a war where they can't project numerical or tactical superiority.
LulzSec and Anonymous show that you don't need the resources of the NSA to go after big targets.
http://cryptome.org/2012/06/lulzsec-sneak-preview.htm [cryptome.org]

Re:Why not? It's cheap. (0)

Anonymous Coward | more than 2 years ago | (#40247437)

Is this a bad thing? If war no longer has borders, maybe everyone will have to think in more cosmopolitan terms.

Re:Why not? It's cheap. (0)

Anonymous Coward | more than 2 years ago | (#40246603)

And by "shut off", you mean disable safety functions, and then cycle at a rate causing harmonic resonance until the centrifuge literally explodes, quite possibly actually killing somebody nearby right?

Make no mistake -- it was an act of espionage and war.

Re:Why not? It's cheap. (1)

PPH (736903) | more than 2 years ago | (#40247597)

But cheap upsets the status quo. Conventional war is (and always was) expensive. And that means you can predict the outcome based on GDP. Not so with cyber war. Almost anyone can play and wealth serves to provide more targets, not more weapons. So it turns the winner/loser equation on its head.

And what cyber war doesn't do, which makes it feared, is to directly produce body count. Body count is what makes war morally abhorrent. The cold war never turned 'hot' because all of the major players found the outcome to be unacceptable, even in the event of their winning. With cyber war, the perception is going to be that a bunch of banks and other financial institutions are damaged or taken down. And right now, that's even a fantasy of the average Joe, not a terrifying prospect.

Re:Why not? It's cheap. (1)

dkf (304284) | more than 2 years ago | (#40250727)

Then chemical weapons killed so many people all at once, the game wasn't fun anymore, but you could still send your plebians out to rattle your sabres.

Unfortunately for your thesis, it wasn't chemical weapons that made things "not fun" (they were too uncertain to be reliable weapons) but rather more prosaic things like machine gun nests and artillery.

Re:Why not? It's cheap. (1)

rtb61 (674572) | more than 2 years ago | (#40252799)

World war 2 computers were not a big thing. Calculation where done largely mechanically in the field and the internet did not exist, yet there were nukes. Cyberwarfare is bullshit and the lie relies upon unprepared and insecure enemy with computers connected to the internet. The reality of course is a free for attacks people, corporations and the internet backbone itself. Anything but a purely defensive stature is insane. Any bugs or security failures that are found and then not disclosed to be corrected is simply relying on dumb luck that the enemy doesn't also find them and use. Basically any attack only suits criminals with criminal intent.

If you're going to play bullshit games like that, just use off the shelf hardware to create a stealth cruise missile to start murdering foreigners and destroying technical infrastructure at random. If it is all about being destructive and not getting caught when go half measures. If you hacks when released start infecting hospital prescriptions and making lethal alterations, really just how stupid has your cyberwarfare game become.

No government department ever has the right to with hold discovered faults from repair in the hopes of deploying it themselves only to see their own citizens become victims of it when used by organised crime. That's what bullshit cyber warfare is really about. Find back doors, keep them secret and then toss them aside when criminals also start finding and using them and basically screw the victims created until the fault is fixed. Instead of proper policing find back doors and remove them. In fact what you end up with government departments working against each other at taxpayer expense.

unintended victims (1)

fustakrakich (1673220) | more than 2 years ago | (#40245653)

You mean collateral damage? Non issue. This is WAR!

No surprise there.. (0)

Anonymous Coward | more than 2 years ago | (#40245667)

After all, this is the country that has been sponsoring data theft from neighbouring Switzerland (and then got very upset when a warrant was issued for the tax officials involved instead of acknowledging that they have effective stimulated crime).

The Internet has simply become the latest platform for economic espionage. I really don't think it's only the major nations - I think every country is trying to build up capability, even if just to work out some form of defensive strategy.

So much talent wasted..

'capacity to operate in hostile networks' (3, Funny)

NettiWelho (1147351) | more than 2 years ago | (#40245793)

"'The initial capacity to operate in hostile networks has been achieved,'" Took them 6 years to notice their ethernet cable wasnt plugged in?

Wrong Country (0)

Anonymous Coward | more than 2 years ago | (#40246129)

No, they are not Americans... The Germans are known for being competent.

Re:Wrong Country (0)

Anonymous Coward | more than 2 years ago | (#40246379)

Wow. Not only is that a really poor joke, but it's like saying Germans are bad at cooking bratwurst. The Americans invented the internet, TCP/IP networking and ethernet.

Re:Wrong Country (0)

Anonymous Coward | more than 2 years ago | (#40249173)

You don't cook bratwurst, you brat it. That's the whole point of it. And everybody knows that the Internetzwerk was invented by Siemens.

Re:'capacity to operate in hostile networks' (1)

a90Tj2P7 (1533853) | more than 2 years ago | (#40246275)

"'The initial capacity to operate in hostile networks has been achieved,'" Took them 6 years to notice their ethernet cable wasnt plugged in?

No, they were downloading a copy of Windows XP when the jerk stopped seeding at 99%.

The perfect weapon (1)

ThatsNotPudding (1045640) | more than 2 years ago | (#40246755)

Destroying both the target and the user.

Ingrates.

Love them Jackboots. (1)

infonography (566403) | more than 2 years ago | (#40246847)

you know, the uniform, the lowslung stun ray holster, the mindless tedium

Anybody found the backdoor in SELinux yet? (0)

Anonymous Coward | more than 2 years ago | (#40247275)

I mean it was written by the NSA ... and given the recent Microsoft certificate debacle, what should we consider safe?

yes (0)

Anonymous Coward | more than 2 years ago | (#40247645)

and im not telling you....

Finally - now I can really be an internet warrior (1)

jafir (2657255) | more than 2 years ago | (#40250059)

Who knew! All this time I was learning coding I was actually training to be a soldier! Well, that's one less thing on the bucket list...
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>