×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US Cyber Command Reveals Plans To Hit Back At Cyber Threats

ScuttleMonkey posted about 6 years ago | from the shoot-first-ask-questions-later dept.

Security 95

CNet News.com is reporting that the Air Force's Cyber Command has just as much interest in offense as defense. "Air Force Cyber Command (AFCYBER), a US military unit set up in September 2007 to fight in cyberspace, is due to become fully operational in the autumn under the aegis of the US Eighth Air Force. Lieutenant general Robert J. Elder Jr., who commands the Eighth Air Force's Barksdale base, told ZDNet.co.uk at the Cyber Warfare Conference 2008 that Air Force is interested in developing its capabilities to attack enemy forces as well as defend critical national infrastructure. "

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

95 comments

dupe first, ask questions later dept (4, Insightful)

zappepcs (820751) | about 6 years ago | (#22966286)

It still means bad things are about to happen when the defense team is studying offense tactics

Re:dupe first, ask questions later dept (3, Insightful)

TubeSteak (669689) | about 6 years ago | (#22966344)

It still means bad things are about to happen when the defense team is studying offense tactics
If your defensive plan doesn't include any offensive measures, you're doing it wrong.

To put it in simple terms, if someone is abusing your network bandwidth, you don't just throttle them down, you go tell them to knock it off (or something equivalent). That's an "offensive measure" and it's common sense, isn't it?

Re:dupe first, ask questions later dept (1)

baudilus (665036) | about 6 years ago | (#22966364)

Actually, that's also a defensive measure. An offensive measure would be more like block traffic to certain sites ahead of time.

Re:dupe first, ask questions later dept (2, Insightful)

gnick (1211984) | about 6 years ago | (#22966666)

An offensive measure would be more like block traffic to certain sites ahead of time.
Blocking traffic is still a defensive strategy. There's a difference between proactive defense and offense.

Re:dupe first, ask questions later dept (1)

HateBreeder (656491) | about 6 years ago | (#22967248)

No, an offensive measure would be more like destroying the person's computer, thus taking away his ability to attack you.

Re:dupe first, ask questions later dept (2, Funny)

charlesj68 (1170655) | about 6 years ago | (#22967844)

No, an offensive measure would be more like destroying the person's computer, thus taking away his ability to attack you.
Well ... the Air Force should be quite good at doing that sort of thing.

Re:dupe first, ask questions later dept (2, Funny)

Heembo (916647) | about 6 years ago | (#22968206)

An offensive measure would also mean sending a few burley Marines to the offenders office to beat the tar out of them. Now thats that I call "Intrusion Prevention"

Re:dupe first, ask questions later dept (2, Funny)

Opportunist (166417) | about 6 years ago | (#22968516)

Well, I guess that would qualify as a hardhack, no?

Re:dupe first, ask questions later dept (1)

Heembo (916647) | about 6 years ago | (#22968532)

Well, I guess that would qualify as a hardhack, no?
I think of it as long-term post-incident Intrusion Prevention with a VERY LONG network delay.

Re:dupe first, ask questions later dept (4, Funny)

Opportunist (166417) | about 6 years ago | (#22968756)

In the face of this development, the "Time to live" header field gets a whole new meaning...

Re:dupe first, ask questions later dept (2, Funny)

Heembo (916647) | about 6 years ago | (#22968782)

In the face of this development, the "Time to live" header field gets a whole new meaning...
Indeed. So does the "kill bit". :)

Re:dupe first, ask questions later dept (3, Informative)

zappepcs (820751) | about 6 years ago | (#22966386)

for some good responses to this article the first time around, try http://it.slashdot.org/comments.pl?sid=508970&cid=22942214 [slashdot.org]

Re:dupe first, ask questions later dept (1)

EnOne (786812) | about 6 years ago | (#22966878)

Nick to know that I'll be doing my online shopping in the 'Green Zone' hoping I don't get hit by a roadside logic bomb.

Re:dupe first, ask questions later dept (1)

Original Replica (908688) | about 6 years ago | (#22966882)

If your defensive plan doesn't include any offensive measures, you're doing it wrong.

Let's put that idea into a different context. As the state and local police forces around our country take continue to take a more offensive stance do you feel safer [stopthedrugwar.org]? How about the way music labels protect their interests, is that better when it is offensive? I don't think so. I think that the only time an offensive posture look like a good defense is when you are on the side being more aggressive. To everyone not being directly served by the increased aggressiveness it just looks like abuse of power.

Gearing up for offensive strikes breeds the "need" for offensive strikes. It's human nature, people go with what they know and train for as the answer. A surgeon will try to fix things with surgery first while a pharmacist will try to fix the same problem with medications. Or in a more slashdot-esque analogy: a programmer will see the solution to a task through the filter of the programming languages they know the best, and have focused on most recently. When you have big organizations spending a lot of time and money training to attack, they will find reasons and targets to use that training on.

Re:dupe first, ask questions later dept (1)

Daniel Dvorkin (106857) | about 6 years ago | (#22967816)

The problem you're describing is one of the fundamental reasons to keep law enforcement and military operations separate. In law enforcement (whether criminal or civil) defense is the only reasonable option -- cops can't go around arresting people for the hell of it, and private individuals can't sue people for the hell of it, or the whole system becomes hopelessly overloaded and corrupt. In military operations, on the other hand, attack must be as much a part of the plan as defense; neither works by itself. Unfortunately, the increasing militarization of criminal law enforcement thanks to the "War on Drugs" and now the "War on Terror," and the insane aggressiveness in civil law enforcement of groups like the RIAA, has seriously blurred this line.

Re:dupe first, ask questions later dept (1)

wolf12886 (1206182) | about 6 years ago | (#22968978)

While were all dwelling on analogies, what if we were to apply your analysis to a more direct conflict, such as a fist fight?

If your opponent is throwing punches, you can defend yourself all you want, but unless you can strike back, the only question is how long you can last before you inevitably break.

Come to think of it, if you consider your analogies more carefully, you'll see that both are fundamentally flawed. Lets say a serial killer is on the loose, would you feel safe if all you had was the polices assurance that they'd try to protect you in the event of an attack, or would you rather have them collect evidence from previous attacks, and attempt track down and take out the killer preemptively? As for your reference to the antiquated, and soon to be extinct Record labels, of course we'd rather have them on the defensive, considering we're there adversaries.

I guess you inadvertently summed it up yourself:

the only time an offensive posture looks like a good defense is when you are on the side being more aggressive

I agree, if your fighting someone, and excellent strategy is only going to look "good" if your the one using it...

Re:dupe first, ask questions later dept (1)

AP31R0N (723649) | about 6 years ago | (#22973196)

You're forgetting the W. is still president. Which means he's still CiC, therefore the military, all who are in it, and all that it does is evil. Because W. is the anti-Elvis and the worse than Hitler, Saddam, Bin Laden and Bill Gates combined.

Re:dupe first, ask questions later dept (1)

d474 (695126) | about 6 years ago | (#22973746)

If your defensive plan doesn't include any offensive measures, you're doing it wrong.
But when your defensive strategy relies more and more on offensive measures, it's no longer a defensive strategy, it's called empire building. The trick is being able to identify the "slipping point" of that slope. The populace needs to be careful about embracing these "defensive measures" and make sure it isn't just pretty packaging for an offensive end game.

Re:dupe first, ask questions later dept (0, Troll)

Attila Dimedici (1036002) | about 6 years ago | (#22967100)

It still means bad things are about to happen when the defense team is studying offense tactics
What defense, this is the Air Force we are talking about? Despite the name (Defense Department) the military is about offense. The best description of the job of the military I have seen is: "break things and kill people."

Re:dupe first, ask questions later dept (1)

AnomaliesAndrew (908394) | about 6 years ago | (#22968048)

This is the frickin' pre-emptive war post-911 USA military.

I'm surprised to learn that we're essentially doing the old "HELO" to port 139 bitchslap on the enemy as a response when we could just as well resolve their physical location and drop some thermite down their "stovepipe".

I can just see it now... "These radical script kiddies hate our network neutrality and ascii pr0ns... and so we must take the herring to them and slap them with it before they slap us."

Seriously, why is the military even using "the internet" other than to snoop the traffic? For secure communications, they should be using something private, and only fall back on that in the event that the rest of their network fails (i.e. nuclear war, assuming the internet would still work, and that anybody would be around to use it.)

I would be deeply saddened if the military has, say... HTTP servers with sensitive information that are in any way accessible from the real world.

Re:dupe first, ask questions later dept (1)

carnivorouscow (1255116) | about 6 years ago | (#22968052)

We do have a "Department of Defense" that's in charge of thousands of tanks, heavy bombers, aircraft carriers and atomic submarines so at least we're consistent. I'm still waiting on the departments of truth and love.

Re:dupe first, ask questions later dept (1)

RobertJon (1156451) | about 6 years ago | (#22976130)

If you attract the attention of the US military, then you deserve to be destroyed.

why? (0)

Anonymous Coward | about 6 years ago | (#22966308)

its the freaking air force. all they need to do is tracert to the offending IP and then B-52 the area.

Re:why? (1)

baudilus (665036) | about 6 years ago | (#22966346)

IP address are not latitude and longitude. I'm so glad they don't think like that.

Re:why? (0)

Anonymous Coward | about 6 years ago | (#22966506)

right, but it would be easy enough to find the offending ISP. take that out and they are cut off. take out a 10 mile radius and you probably have them too.

Re:why? (1)

peragrin (659227) | about 6 years ago | (#22966602)

except that for static IP's(especially under IPv6) the RIAA has shown us that you can target an individual. Once you have an address, the only thing left would be to get a Predator Drone to follow them and launch a low yield hellfire missile. You could blow them up in rush hour traffic with minimum collateral damage.

Re:why? (1)

thePowerOfGrayskull (905905) | about 6 years ago | (#22967164)

And RIAA has also shown us how this method of targeting individuals does not have a great record of being accurate. I suppose that could fall into the category of "collateral damage" too...

Re:why? (0)

Anonymous Coward | about 6 years ago | (#22968984)

Good enough for government work.

Re:why? (1)

IcyNeko (891749) | about 6 years ago | (#22966732)

Wait... I think I remember the plot of this movie.... didn't we turn to an air force-run computer to wipe out a virus tha.... oh no.... SKYNET!

I can see the press release now. (5, Funny)

baudilus (665036) | about 6 years ago | (#22966324)

Robert M. Gates, Secretary of Defense.

"...and they tried to hit us with a DDoS, so we totally pwned those script kiddies. It wasn't hard, they were teh suk..."

Defense. (4, Insightful)

headkase (533448) | about 6 years ago | (#22966392)

Having hackers for offence is all and good but when it comes to defense they need to train the programmers of the "critical infrastructure" in security techniques. And also perform regular penetration testing on the infrastructure correcting any problems they find as they go. So basically the hackers would not only be hacking other nations but they would continually have to try to hack their own as well to defend it.

Re:Defense. (2, Informative)

sgt.greywar (1039430) | about 6 years ago | (#22966910)

They do this. They're called CERTS and one of the many functions that the CERTs perform for the military is pen testing.

Troubling... (1)

TripMaster Monkey (862126) | about 6 years ago | (#22966492)

From TFA:

"IT people set up traditional IT networks with the idea of making them secure to operate and defend," Elder said. "The traditional security approach is to put up barriers, like firewalls--it's a defense thing--but everyone in an operations network is also part of the (attack) force. We're trying to move away from clandestine operations. We're looking for real physics--a bigger bang resulting in collateral damage."
Does this make anyone else nervous?

Should we be nervous? (1)

qbzzt (11136) | about 6 years ago | (#22967260)

We're talking about an organization that has nuclear weapons. Now they'll also be able to shut off a city's electrical and water supply electronically. I don't see why that should make me more afraid.

Re:Should we be nervous? (1)

Em Adespoton (792954) | about 6 years ago | (#22967494)

It should make you more afraid because each nuclear warhead is tracked, guarded, and needs special permissions prior to firing. It's really hard to do all of that to knowledge (what software really is).

To recap: it's really hard to fire a nuclear weapon by accident; it's not that hard to shut off a city's electrical and water supply electronically by accident (in comparison).

Re:Should we be nervous? (1)

megaditto (982598) | about 6 years ago | (#22967594)

Ever heard of a Joe Job?

They already make leaps of logic like "Bin Laden hit us, so let's invade Iraq," so just you wait for the upcoming "DDoS from a Chinese IP, tunneled through a Canadian ISP, so let's invade Venezuela" reasoning...

Re:Should we be nervous? (1)

Opportunist (166417) | about 6 years ago | (#22968588)

Because it's easier to hide, and people don't know jack about it.

Are you afraid of sudden police raids? Usually, not very. And you shouldn't have to if you live in a halfway working democracy. Raids are VERY intrusive, you and your neighbors will notice them and you'll be infuriated when something like this happens trivially. Could you see people get a tad bit upset if a raid became something that happens routinely in your neighborhood, with 99% of them being false alarms? They're loud, they're quite noticable and people do consider them a big invasion into their privacy.

Are you afraid of government snooping on your computers (as it is pushed into law now in some countries in Europe)? I am. Those things work silently, without you noticing, and should it be done wrongly, nothing happens. Nobody notices. Not to mention that "computer invasion" and data theft is viewed as trivial by many. The chance that something like this is done without due process and lightly is quite big. The temptation is great, the "threat" of being caught and people getting angry over it is insignificant. Would governments do it? I'd say so.

Same with atom bombs and cyber attacks. Atom bombs are loud, invasive and people do consider them quite a bit of a threat. So using them is generally viewed as something you just don't do, even the most avid supporters of the US would have a hard time selling support for an atomic strike on some country to their voters. But a cyber attack? Who cares, nobody was hurt. The cleanest war ever! Yes, people die due to the consequences, economies crumble in its wake, but nobody sees that on CNN.

Could you see a rather minimal qualms when considering whether or not to "cyber bomb" some country? I'd guess the international (and national) protests would be insignificant compared to even a conventional war.

Late breaking news! (1)

Xenophon Fenderson, (1469) | about 6 years ago | (#22967362)

When asked if the initiation a program of information warfare against the invaders was wise, given their existing foothold in orbit and on the Plains Of Qtx, K'breel, Speaker for the Council, stressed that there was no cause for alarm:

"While it is true that the sinister blue planet continues to attack our information systems using the spy satellites and military drones that it has sent thus far, we are confident that we can deal with the situation. We have always been able to alter the telemetry data returned by the drones, and when the invaders foolishly integrate their in-orbit weapons platforms with their global data network, we will crush their puny countermeasures and turn their own defensive mechanisms against themselves."
When questioned whether rumors about improprieties in Mars' recent ratification of the OOXML standard had any validity, K'breel declined to comment.

Re:Late breaking news! (1)

Xenophon Fenderson, (1469) | about 6 years ago | (#22989412)

Guess I should have said "Council of Elders" (get it? the guy quoted in Tripmaster Monkey's post was called Elder.) Oh well. Too bad the joke fell flat. :(

Dup Dup Dup WHERRR Dup Dup Dup (0, Redundant)

xxxJonBoyxxx (565205) | about 6 years ago | (#22966524)

Dup Dup Dup WHERRR Dup Dup Dup

(The sound radar makes, right?)

Anyone else think "Cyber Command" staff suffer a higher incidence of wedgies and swirlies than other members of our armed forces?

Re:Dup Dup Dup WHERRR Dup Dup Dup (1)

plover (150551) | about 6 years ago | (#22966814)

Anyone else think "Cyber Command" staff suffer a higher incidence of wedgies and swirlies than other members of our armed forces?

Actually, I'd think it'd be more like "give us your lunch money or we'll fsck up your mortgage, Visa cards, driver's license, and put your wife up on Craig's List."

Re:Dup Dup Dup WHERRR Dup Dup Dup (1)

xxxJonBoyxxx (565205) | about 6 years ago | (#22966952)

Actually, I'd think it'd be more like "give us your lunch money or we'll fsck up your mortgage, Visa cards, driver's license, and put your wife up on Craig's List."


So...America's cyber A-Team has the 1337 skills of an entry-level con man? Can we outsource our electronic defense to the Israeli cyber team or something instead?

Given that many live happily in the armed forces without any of these threatened items, I'm sticking with my theory of an unusually high wedgie-per-day rate.

Wast of money (1)

kaynaan (1180525) | about 6 years ago | (#22966530)

What is the story hear ? did anybody think that Cyber Command was only interested in Defense ???? who do you take me for .......... my tinfoil hat may be in the closet but it hasn't started collecting dust yer

Contact General Spielberg! (2, Funny)

Chonnawonga (1025364) | about 6 years ago | (#22966590)

Oh, great. How much did Hollywood pay them to do this?

Announcement for terrible cyber-war movie in 5... 4... 3...

"Sergeant! I've been pinged!"

"Dammit, Johnson! Get out of there!"

Re:Contact General Spielberg! (1)

Opportunist (166417) | about 6 years ago | (#22968670)

Oh c'mon, we all know how this has to look Hollywood-style:

(Setting: A dark, gloomy room, packed with varying rattering machinery and the machine that goes 'ping'. Various people with good hygene, perfect haircut and decent uniforms (with ties!) sitting in front of screens that paint their faces in neon green. No nachos or pizza anywhere. Suddenly, Private Johnson reports)

Pvt Johnson: "Sir, I think I picked up a signal."
Officer: "Can you pinpoint it?"
Pvt Johnson: "Yeah, the computer is on it."

(We look at a screen running a program that is done by the same company that makes the forensic tools for CSI which zooms randomly across a google earth map. Finally it flashes a bit bullseye squarely across some country that we want to be in war with)

Pvt Johnson: "It's fairly weak, but we managed to trace it back."
Some random guy: "That's where according to our intel that top terrorist Alka-Seltzer is hiding."

(...and so on. If you want to get bored some more, watch Navy CIS)

CyberCommand (0)

Anonymous Coward | about 6 years ago | (#22966604)

None of this should be of any surprise to anyone, if you don't think that we have guys who are doing penetration testing on OUR OWN infrastructure then your disillusioned. While I don't really understand his meaning of collateral damage, (maybe take out a power grid via net-ops that causes other failures?). In the long run, I think its a lot of buzzword talk they like to hear themselves say.

so they plan to attack over our privately owned (0)

Anonymous Coward | about 6 years ago | (#22966964)

so they plan to attack over our privately owned networks?
if i have a host on my lan that i manage these people better
ask for permission first. i find it disgusting that they are
acting no different then a bunch of slobs on efnet hacking
channels and abusing a network that is privately owned by
companies accross the world.

i find it humurous that they consider themselves somehow different
then a script kid.

Re:so they plan to attack over our privately owned (1)

Dan541 (1032000) | about 6 years ago | (#22971340)

Ecactly these people are just a bunch of morons thinking they are all high and mighty.

They really are no different than everyone else on the net except that they have their computer brought for them by the American taxpayer.

If my server gets DDoSed are they going to help defend it? It is on US soil after all.

~Dan

lamest name ever (1)

jollyreaper (513215) | about 6 years ago | (#22966970)

US Cyber Command. Does this sound as cheesedick to them as it does to the rest of us?

Re:lamest name ever (1)

CheeseTroll (696413) | about 6 years ago | (#22967052)

Reminds me of a group of executives within our company back in the 90's that called themeselves the 'cybersuits'. It was a lame name even for back then! I suggest "Ether Force" as a better name.

Imagine the possibilities (1)

DRAGONWEEZEL (125809) | about 6 years ago | (#22967016)

Maybe they can find a way to have a router overvolt a packet to knock out an individual computer! (j/k but it'd make good stupid movie explanation)

I have allways wondered why people don't automatically Re-DOS the DOSer. Is that even possible, just start picking targets that are attacking, and flood them back till their network card pops or something.

Re:Imagine the possibilities (1)

syntaxeater (1070272) | about 6 years ago | (#22967810)

Most (if not, all) of the time the attacker isn't the attacker. (see botnet)

Re:Imagine the possibilities (1)

DRAGONWEEZEL (125809) | about 6 years ago | (#22968384)

I have been around a bit, I do know that about bot nets. But if you burn kill a box, one at a time, via a magic packet exploit of some sort, or some kind of dos attack, how long would it take you to blow out multiple small boxes if you had 1 central mega setup? It would be like an "bizzaro" DoS attack.

It'd be like playing starcraft. If you put a solder agianst a tank, your going to lose the soldier right? But if all you have is soldiers and you focus fire down on the largest units first they all will eventually wear down (this is a DOS essentially right?). Yeah you'll lose lots of soldiers, but you'll replace your soldiers faster than tanks.

Conversley, if a tank hits a soldier, he instantly dies. Since this is electronic warefare, and the big behemoths on the net are like SUPER tanks w/ lots of little gunners too. maybe there is some algorithym they can employ to do a backwards DOS, rapidly switching off targets as they expire?

(that was my Idea but I didn't portray it well sorry)

Re:Imagine the possibilities (1)

Opportunist (166417) | about 6 years ago | (#22968712)

Because YOU are in the wrong, then. No kidding.

The average DDoS is not conducted by some machines in the possession of those that attack. It's a network of machines infected with backdoors that allow the attacker to use those machines. The current fad is sending out spam, but they can be used for a DDoS as well.

So. Now you, the attacked, go ahead and snipe those machines off the net. Which is usually no big deal, we're talking consumer PCs running on consumer DSL lines here, if you have a halfway powerful rig yourself, DOSing them into oblivion is trivial.

And you became an attacker. No joke. The person that attacked you was not willingly participating in the attack but only negligent when it comes to their computer security (which is afaik in NO country a crime, for some odd reason), so they are not guilty of doing anything, at least legally. You can not hold them liable for the attack, and if you "defend" yourself by attacking the attacker, you are the criminal. Because you deliberately attacked, while they only "accidently" did so.

Fun, ain't it?

Re:Imagine the possibilities (1)

MadMidnightBomber (894759) | about 6 years ago | (#22971354)

I have always wondered why people don't automatically Re-DOS the DOSer.

Yeah, because when your pipe is full of traffic you don't want, the best thing is to double it and hit a load of home computer users who will just think the 'net is a bit slow today.

Re:Imagine the possibilities (1)

Dan541 (1032000) | about 6 years ago | (#22971358)

I have allways wondered why people don't automatically Re-DOS the DOSer. Is that even possible, just start picking targets that are attacking, and flood them back till their network card pops or something.
How do you intend to solve a problem by contributing to it?

I'd conserve my remaining bandwidth for normal operations afterall what good is my server if it's unreachable?

~Dan

I guess this explains a few things... (3, Interesting)

IonOtter (629215) | about 6 years ago | (#22967058)

Other causes for military concern include possible supply-chain vulnerabilities, where vulnerabilities are introduced into chipsets during manufacturing that an adversary can then exploit, and electronics vulnerabilities.

I guess that explains what happened to me?

I got an email from a supply company requesting payment of nearly $15,000 for, I kid you not, 2200 telephones. Apparently, they'd been ordered, purchased and delivered to my former duty station at NCTAMS PAC in Hawaii.

Mind you, they were all delivered to a mailbox that was probably all of 8x3x5 inches. I did the math, and 2200 desk telephones wouldn't have fit inside the whole mail BUILDING, let alone the post box.

Nobody at the base ever saw the order-they would have, since that many phones would have come on 5 pallets-and nobody knew what they heck was going on. Finally, after working with the business owner, it was determined that the owner had been hacked.

The phones went one way, the bill went the other, I got a nervous laugh, the poor business owner got screwed and the military was twirling around going "Wha?! Wha?!? HUH!??!"

Didn't have to pay a cent, though. Wonder how it turned out?

Re:I guess this explains a few things... (0)

Anonymous Coward | about 6 years ago | (#22967204)

Didn't have to pay a cent, though. Wonder how it turned out?
If it makes you feel better I got carpal tunnel unpacking and scraping the serial numbers off the phones. >:0

Is The Pirate Bay gonna get bombed? (1)

phoomp (1098855) | about 6 years ago | (#22967068)

Given the recent attempts to equate piracy with terrorism, how long until the US Cyber Command takes down The Pirate Bay?

Re:Is The Pirate Bay gonna get bombed? (1)

qbzzt (11136) | about 6 years ago | (#22967300)

I assume whoever configured The Pirate Bay's Web site realized people will try to hack into that system. Besides,

Unless I miss my guess, the US Cyber Command would be more interested in things like the power supply in Tehran or the water supply in Damascus. You know, systems used by nation states that could become enemies.

Re:Is The Pirate Bay gonna get bombed? (1)

dennypayne (908203) | about 6 years ago | (#22968262)

More to the point, how long until they start taking down all of these REAL terrorist websites that we always hear about in the news? If Al-Qaeda is able to communicate and release statements over the web, it seems logical that the Cyber Command (snicker) would want to interfere with that as much as possible. Yet I've never seen any reports of this type of action. Have I missed them somewhere?

Denny

Re:Is The Pirate Bay gonna get bombed? (1)

Dan541 (1032000) | about 6 years ago | (#22971374)

I think if they can stand up to the determination of the RIAA and MPAA they are pretty safe.

An attach on Sweden's infrastructure (DoS attack) might be seen as an act of war. I would certainly view it as such.

~Dan

Not very intelligent in the long run (1, Insightful)

Anonymous Coward | about 6 years ago | (#22967500)

We've had this debate many times here. All of would love to use offensive expoits against spammers, or to hit agressive corporations like Sony with revenge attacks, but the law, and the considered morals advise against it. For the firstpart you have target identification. Because of spoofing, which any intelligent agressor will use, you can't be sure who you're hitting back at. Secondly there's a difference between using real weapons offensively and hacking weapons. To use the latter you give the weapon away. If you fire a bullet at a target they don't get to keep the shell and the rifle. Different story if you set up your provocateur honeypot to goad the opposition into launching their attacks (which you can then use on them). The whole game pretty quickly spirals out of control. While attack and defence are inseperable; since you must develop exploits to do your own penetration testing, the goal should be overall defensive, to tighten up your own systems. In this way everyone benefits and the attacks become moot. Taking the opposite approach merely leads to proliferation.

You got that right (1)

ILuvRamen (1026668) | about 6 years ago | (#22967678)

I can see it now: "Yeah, all those bits and bytes are for Teh Noobz! EMP them!" They've been developing deployable EMP bombs for years now. That's probably their entire offensive strategy. That and running ship anchors over the country's fiber connections. That seems pretty effective.

I want you! for DDoS Army (2, Funny)

TurinPT (1226568) | about 6 years ago | (#22968200)

Sweet, someday our home PC's will have to do mandatory military service for X years.
Join the national DDoS army now. Its your patriotic duty!

Re:I want you! for DDoS Army (1)

Opportunist (166417) | about 6 years ago | (#22968740)

Would the excuse of the average (infected) computer dummy, i.e. "I already served in Russia" work?

Air forces (3, Funny)

ozbird (127571) | about 6 years ago | (#22969036)

Air Force Cyber Command (AFCYBER), a US military unit set up in September 2007 to fight in cyberspace, is due to become fully operational in the autumn under the aegis of the US Eighth Air Force.

One air force should be enough for any country.

Re:Air forces (2, Funny)

dbcad7 (771464) | about 6 years ago | (#22969928)

I'm just imagining the drills...
Tear down and reassemble the PC box.. timed of course.

Why did you put that PC together so quickly, Gump?
You told me to, Drill Sergeant

Technology won't solve the problem (1)

mnemotronic (586021) | about 6 years ago | (#22969208)

Technology may help ward off attacks, or (if it's really good) help to identify the responsible parties, but it takes a more personal, hands-on encounter to deter future attacks, and dissuade technologists from contributing to cyberattacks. Computers are just computers - people are where it's at, and the personal involvement component is the interesting part of the job. It's also the ticklish part because it needs to happen in a foreign country. Organizations with a developed cyber-terrorist workforce won't like having their black-hats infringed.

What kind of offense? (2, Funny)

ishiboo (1080057) | about 6 years ago | (#22970880)

It sounds like a sweet job.

Step 1. All the computers owned by the government are turned into one giant botnet if they aren't already associated with one.
Step 2. Communicate. Rather than the usual chain of command, everything will be run out of an IRC channel on EFNET that has a key and is invite-only.
Step 3. DDos the middle east, Korea, etc.
Step 4. US Government starts selling shell cacounts for eggdrops.
Step 5. US Government gets into the warez business and opens up a porn site.

Ah, I miss growing up on IRC.

The means to attack... (1)

Douglas Goodall (992917) | about 6 years ago | (#22971030)

If the air force wants to cause the enemy harm. It seems to me they should buy Microsoft and promote the worldwide use of Microsoft software. This software is unreliable, filled with backdoors and trojans, and the use of it causes harm. It make people feel bad and causes depression. This sounds like a form of warfare to me.

Their Site Made It Really Hard For Me To Apply (1, Interesting)

Anonymous Coward | about 6 years ago | (#22972452)

I'm a regular slashdotter who you would recognize, but I'm posting anonymously because I don't want my current employer to know yet.

In a Herculean effort, I succeeded in applying to the Cyber Command just now. But I must say that their website doesn't speak well of their cyber expertise; they make it extremely difficult to figure out how to even apply. The "Join" link on the Cyber Command website [af.mil] just goes to the main Air Force recruiting site [airforce.com], where all I learned is that I'm too old and too fat to join the Air Force. Undaunted, I submitted a question about whether I'd qualify anyway, given that I want to work for the Cyber Command, and gave them a link to my resume.

(I have more than ten years of experience as a software engineer, including embedded, systems programming, and HMI/SCADA. I expect them to be particularly interested in my HMI/SCADA work, as that would be how I'd make things blow up over the Internet.)

Somewhere I found a link to USAJOBS [usajobs.gov] website, where I spent several hours filling out an online resume. They want separate entries for each job one has held, rather than uploading a text resume. They also wanted the name and phone number of every manager I ever had.

But I spent quite a bit of time searching at USAJOBS, and couldn't find any positions that looked like they had anything to do with the Cyber Command.

Back at the Cyber Command website, I found their contact form [af.mil] - which was hard to spot - and which, Lo and Behold! allowed me to specify a recipient of "Employment Inquiries". So I put my resume in there, and pointed out they could find my resume on USAJOBS.

I emailed a buddy who is a civilian software engineer for the Navy, and he told me that most Cyber Command jobs are going to be civilian. So I guess it's OK that I'm old and fat, but I won't get to wear that cool blue Air Force uniform. I imagine I'll also just be flying a desk rather than an electronic warfare jet.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...