Nato warns of strike against cyber attackers

Tue Jun 8 21:08:50 UTC 2010

So let's say a cyber-attack originates from Chinese script kiddie.

Albania, Belgium, Bulgaria, Canada, Croatia, Czech Republic, Denmark,
Estonia, France, Germany, Greece, Hungary, Iceland, Italy, Latvia,
Lithuania, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania,
Slovakia, Slovenia, Spain, Turkey, the United Kingdom, and the United States
will all respond by invading China? Is NATO trying to start a war here?

There's no mention in the article about any kind of electronic response to
the attack.

-----Original Message-----
From: J. Oquendo [mailto:sil at infiltrated.net] 
Sent: Tuesday, June 08, 2010 3:08 PM
To: nanog at merit.edu
Subject: Nato warns of strike against cyber attackers

>From the NetSec mailing list...

> At http://www.timesonline.co.uk/tol/news/world/article7144856.ece
>
> June 6, 2010
> Nato warns of strike against cyber attackers
> Michael Smith and Peter Warren
>
> NATO is considering the use of military force against enemies who launch
> cyber attacks on its member states.
>
> The move follows a series of Russian-linked hacking against Nato members
and
> warnings from intelligence services of the growing threat from China.
>
> A team of Nato experts led by Madeleine Albright, the former US secretary
of
> state, has warned that the next attack on a Nato country ³may well come
down
> a fibre-optic cable².
>
> A report by Albright¹s group said that a cyber attack on the critical
> infrastructure of a Nato country could equate to an armed attack,
justifying
> retaliation.
>
> Article 5 is the cornerstone of the 1949 Nato charter, laying down that
³an
> armed attack² against one or more Nato countries ³shall be considered an
> attack against them all².
>
> It was the clause in the charter that was invoked following the September
11
> attacks to justify the removal of the Taliban regime in Afghanistan.
>
> Nato is now considering how severe the attack would have to be to justify
> retaliation, what military force could be used and what targets would be
> attacked.
>
> The organisation¹s lawyers say that because the effect of a cyber attack
can
> be similar to an armed assault, there is no need to redraft existing
> treaties.
>
> Eneken Tikk, a lawyer at Nato¹s cyber defence centre in Estonia, said it
> would be enough to invoke the mutual defence clause ³if, for example, a
> cyber attack on a country¹s power networks or critical infrastructure
> resulted in casualties and destruction comparable to a military attack².
>
> Nato heads of government are expected to discuss the potential use of
> military force in response to cyber attacks at a summit in Lisbon in
> November that will debate the alliance¹s future. General Keith Alexander,
> head of the newly created US cyber command, said last week there was a
need
> for ³clear rules of engagement that say what we can stop².
>
> The concerns follow warnings from intelligence services across Europe that
> computer-launched attacks from Russia and China are a mounting threat.
> Russian hackers have been blamed for an attack against Estonia in April
and
> May of 2007 which crippled government, media and banking communications
and
> internet sites.
>
> They also attacked Georgian computer systems during the August 2008
invasion
> of the country, bringing down air defence networks and telecommunications
> systems belonging to the president, the government and banks.
>
> Alexander disclosed last week that a 2008 attack on the Pentagon¹s
systems,
> believed to have been mounted by the Chinese, successfully broke through
> into classified areas.
>
> Britain¹s Joint Intelligence Committee cautioned last year that
Chinese-made
> parts in the BT phone network could be used to bring down systems running
> the country¹s power and food supplies.
>
> Some experts have warned that it is often hard to establish government
> involvement. Many Russian attacks, for example, have been blamed on the
> Russian mafia. The Kremlin has consistently refused to sign an
international
> treaty banning internet crime.
>
>   

Obviously NATO is not concerned with proving the culprit of an attack an
albeit close to impossibility. Considering that many attackers
compromise so many machines, what's to stop someone from instigating. I
can see it coming now:

hping -S 62.128.58.180 -a 62.220.119.62 -p ++21 -w 6000
hping -S 62.220.119.62 -a 62.128.58.180 -p ++21 -w 6000

So NANOGer's, what will be the game plan when something like this
happens, will you be joining NATO and pulling fiber. I wonder when all
types of warm-fuzzy filtering will be drafted into networking: "Thou
shall re-read RFC4953 lest you want Predator strikes on your NAP
locations...

-- 

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT

"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett

227C 5D35 7DCB 0893 95AA  4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E