Nato warns of strike against cyber attackers
ge at linuxbox.org
Tue Jun 8 22:44:20 UTC 2010
On 6/8/10 10:07 PM, J. Oquendo wrote:
> So NANOGer's, what will be the game plan when something like this
> happens, will you be joining NATO and pulling fiber. I wonder when all
> types of warm-fuzzy filtering will be drafted into networking: "Thou
> shall re-read RFC4953 lest you want Predator strikes on your NAP
We must distinguish between the m.o. of an actual response, and
deterrence. If we speak of deterrence, I wrote about it not long ago.
Deterrence online is one of the biggest idiocies of the past couple of
years. There are some interesting research possibilities in the subject
matter, but not as it is portrayed today -- a cure-all strategy.
Strategic experts are very comfortable with Cold War strategy following
around 70 years of practicing it, so when asked to deal with the
Internet, they ran to deterrence.
In order to have deterrence, you require first an ability to respond to
an attack. On the Internet, you may never find out who is attacking you,
and data may be intentionally misleading when you think you do have some
It is just virtually impossible to tell who is behind an attack from
technical data alone.
Thus, deterrence against whom?
You may say that by setting an occasional example, it doesn't matter who
you attack. That is mostly false as well.
If we do know who is attacking us, then consider the players can now be
(and indeed are) unaffiliated individuals or groups who may not care
about the infrastructure of the country they are in nor have any
infrastructure to speak of (which can in turn be targeted). Any attack
will likely be against a third-party that has been hacked, i.e. compromised.
And if you're dealing with large-scale attacks, such as DDoS, responding
in kind (with DDoS, botnets, etc.) will also hurt the Internet itself
with collateral damage.
There are some particular instances where deterrence does work online,
and it may also be used as a general addition to real-world deterrence
(we have cyberweapons -- beware!), but these are just points that would
muddy the water in the wider argument before us.
I think supporting such folly is generally folly itself. For further
reading, I'd point you to this comprehensive and quite excellent
document: "Cyber Deterrence and Cyber War," by Martin C. Libicki:
More information about the NANOG