2/3 of Britains believe they should Strike first in Cyber War – Would it Work?

GCHQ at Cheltenham, Gloucestershire

A recent poll in the UK by the security company LogRhythm revealed that 65% think that Britain should pre-emptively strike countries that pose a cyber threat to the nation. And only 18% of those polled believed that pre-emptive strikes were unjustified.

Britain is hit by up to 1,000 cyber attacks per hour. These attacks are focusing on government sites, corporations, and even the country’s communication network. By why would such a large number believe that first strikes are the correct course of action?

According to the poll, the public in general seems to have lost faith that their private information can indeed be kept private. 41% polled believe that their data stored by companies or the government will be compromised by hackers. And these fears are not unjustified, especially with the rise of hacktivism. Hackers are constantly breaking into big name technology corporations and government sites worldwide and dumping databases to the public.

I agree in taking an offensive stance against cyber attacks. But one problem is the very anonymous nature of the internet. Being attacked in the cyber realm is not like facing another nation on the field of battle. Forces don’t form battle lines and approach in columns. There are no entrenched troops to strike and no supply lines to cut.

It is fairly trivial for a hacker to bounce his attacking traffic through several nations before it reaches the intended target. He could even be using a compromised server in an ally nation (or neutral country) to attack yours. How would you know which nation to strike back at?

Earlier this year a Pakistani hacker group attacked Israeli websites over the Gaza strikes. They changed Israeli DNS settings and pointed major Israeli websites to a defaced website – that was hosted in Texas!

The hacker group set up a server with a legitimate American server hosting company. When they made the DNS change, anyone who surfed to Israel’s Microsoft site or big name social media sites would end up at the server in Texas.

Of course, as soon as the US web hosting company was notified of what was going on, they moved to have the correct DNS settings restored and took down the hosted webpage. Oddly enough, for a short period of time though before it was complete taken down, the hosted website displayed a new message – “Pakistanis Suck!”

Another problem with hacktivism type attacks is that they seem to pull in other groups who respond in kind. So you may have one or two perform web defacements or SQL attacks, then in reprisal two or three other groups attack back in revenge. Which of course spurs more groups into the fray to respond with their own attacks.

Granted these are more nuisance types of attacks, but as Russia’s military is rumored to use the RBN to perform attacks, China or other nations could do the same. And they could be armed with more potent programs like Stuxnet, instead of those that just perform denial of service attacks.

A lot of cyber attacks and cyber espionage attempts do seem to originate from China. By far, China has the most internet users in the world. They have 10 times the users that the UK has and twice as many as the US. The scary part is that the US already has almost 80% of their population online. so far, China is only 40% connected…

World connected users

At this point they could probably put up 5-10 very talented hackers for every one of ours. Maybe 100 or even 1000 to one for those just running script based attacks or using hacker programs.

Do we really want to get into a tit-for-tat battle with them?

Something must be done, and now. Any attacks against foreign nations would have to be covert. Chances our that allied forces already have a good hold on foreign networks and communication systems.

The US cyber command was formed from initial work by the NSA. According to Richard Clarke’s book “Cyber War: the next Threat to National Security” the NSA has already compromised many foreign networks:

“Although not authorized to alter data or engage in disruption and damage, NSA thoroughly infiltrated the Internet infrastructure outside the U.S. to spy on foreign entities.”

But the NSA did not have legal authority to actually attack in times of war. US military forces were folded in with the NSA to give it the legal authorization needed to attack foreign cyber space. Thus creating Cyber Command.

The US is allegedly the top in offensive cyber power, but obviously is far lacking in defense. The UK suffers from the same weakness. This past summer, Jonathan Evans, the head of MI5 claimed that one attack alone caused a London based company about $1.3 Billion.

The question is then, how do we perform critical pre-emptive offensive strikes without being crippled ourselves by a counter attack?

Advertisements

Map of Drones over the United States and Drone Failures

Map_of_Drone_Flights_over_US

The Electronic Frontier Foundation (EFF) has released a new map of authorized Drone use in the United States. The map is created from information obtained from EFF’s Freedom of Information Act lawsuit against the FAA. This is an update to a previous map released in April.

The locations show specific identities, including Military and State and Local Law Enforcement, that have applied to the FAA for permission to fly unmanned aerial vehicles in United States airspace.

This has raised a lot of privacy and safety concerns. Especially according to the EFF article, as some of the drones used are military grade:

Perhaps the scariest is the technology carried by a Reaper drone the Air Force is flying near Lincoln, Nevada and in areas of California and Utah. This drone uses “Gorgon Stare” technology, which Wikipedia defines as “a spherical array of nine cameras attached to an aerial drone . . . capable of capturing motion imagery of an entire city.” This imagery “can then be analyzed by humans or an artificial intelligence, such as the Mind’s Eye project” being developed by DARPA. If true, this technology takes surveillance to a whole new level.

There is also the danger of them crashing into populated areas. As this chart from an Air Force Risk Assessment shows:

Predator_Risk_Assesment

This chart is very interesting as it shows several issues that could affect Predator drones. Failure of command link, software failure, weather and conflict during execution of lost link procedures all seem very viable reasons of how Iran has procured two of our drones.

One of which, the Stealth Drone obtained last year, they are now claiming that they can duplicate:

“The American RQ-170 drone will be undoubtedly duplicated,” Commander of the IRGC’s Aerospace Division Brigadier General Amir-Ali Hajizadeh noted on Tuesday.

I highly doubt this is true as even China is having trouble manufacturing the material for stealth aircraft skin and tried to steal some from the US earlier this year.