Cybarmageddon!: Air Force Wants ‘Full Control’ of ‘Any and All’ Computers

May 26th, 2008 - by admin

Kevin Poulsen / blog.wired.com & Noah Shachtman / blog.wired.com – 2008-05-26 22:50:23

http://blog.wired.com/27bstroke6/2008/05/air-force-col-w.html

While most government agencies are struggling to keep their computers out of the latest Russian botnets, Col. Charles W. Williamson III is proposing that the Air Force build its own zombie network, so it can launch distributed denial of service attacks on foreign enemies.

In the most lunatic idea to come out of the military since the gay bomb, Williamson writes in the Armed Forces Journal that the Air Force should deliberately install DDoS code on its unclassified computers, as well as civilian government machines. He even wants to rescue old machines from the junk bin to enlist in the .mil botnet army.

The US would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources.

Rob Kaufman, of the Air Force Information Operations Center, suggests mounting botnet code on the Air Force’s high-speed intrusion-detection systems. Defensively, that allows a quick response by directly linking our counterattack to the system that detects an incoming attack. The systems also have enough processing speed and communication capacity to handle large amounts of traffic.

Next, in what is truly the most inventive part of this concept, Lt. Chris Tollinger of the Air Force Intelligence, Surveillance and Reconnaissance Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find.

Even though those computers may no longer be sufficiently powerful to work for our people, individual machines need not be cutting-edge because the network as a whole can create massive power.

After that, the Air Force could add botnet code to all its desktop computers attached to the Nonsecret Internet Protocol Network (NIPRNet). Once the system reaches a level of maturity, it can add other .mil computers, then .gov machines.

Brilliant! The best defensive minds in the country want to build a massive distributed computing system to do nothing but pump crap into the internet. The article talks about carefully targeting attackers’ machines, but this ignores all the intermediate networks between the Air Force and the target, which will have to contend with a flood of garbage packets whenever some cyber Dr. Strangelove decides to go nuclear.

What’s next? Air Force 4-1-9 scams? Dot mil phishing attacks? The most disappointing thing about this irresponsible proposal is the tacit admission that our elite cyber warriors can’t actually break into an enemy’s computer, instead resorting to a brute force attack designed by web defacement script kiddies eight years ago when Apache servers got too hard to hack directly.

COMMENTS

Reader A.E. Mouse says,
You all obviously don’t really know anything about cyberwarfare. Having this type of capability is essential to IW [infowar] operations. Whether or not we actually need a “botnet” to do it is inconsequential. DDoS attacks can be very useful when used in a coordinated IW attack on enemy communications and network infrastructure.

In addition our relatively unsophisticated enemies have this capability. DDoS, while admittedly juvenile and “last resort”, can be an effective tool. The reciprocity doctrine here applies. If the enemy has one, we need one too, a bigger one. The internet is a new battleground. All weapon types are on the table.

I’m sure that DDoS attacks could be useful to the military under certain circumstances. So could sending our enemies a bunch of unwanted magazine subscriptions, or ordering them dozens of pizzas with anchovies and pineapple (blech). But adults don’t do that sort of thing.

The internet is a community venture, and DDoS is vandalism against the community. There’s no such thing as pinpoint targeting in a DDoS attack; innocent civilian infrastructure is impacted every time.

Basically, Col. Williamson has noticed that there are bad guys in the swimming pool, and his solution is to piss in their general direction. That’s the kind of behavior that rightly gets you kicked out of the pool and sent home for the summer.

Posted in accordance with Title 17, US Code, for noncommercial, educational purposes.


Air Force Aims for ‘Full Control’ of ‘Any and All’ Computers
Noah Shachtman / blog.wired.com

(May 13, 2008) — The Air Force wants a suite of hacker tools, to give it “access” to — and “full control” of — any kind of computer there is. And once the info warriors are in, the Air Force wants them to keep tabs on their “adversaries’ information infrastructure completely undetected.”

The government is growing increasingly interested in waging war online. The Air Force recently put together a “Cyberspace Command,” with a charter to rule networks the way its fighter jets rule the skies. The Department of Homeland Security, Darpa, and other agencies are teaming up for a five-year, $30 billion “national cybersecurity initiative.”

That includes an electronic test range, where federally-funded hackers can test out the latest electronic attacks. “You used to need an army to wage a war,” a recent Air Force commercial notes. “Now, all you need is an Internet connection.”

On Monday, the Air Force Research Laboratory introduced a two-year, $11 million effort to put together hardware and software tools for “Dominant Cyber Offensive Engagement.” “Of interest are any and all techniques to enable user and/or root level access,” a request for proposals notes, “to both fixed (PC) or mobile computing platforms… any and all operating systems, patch levels, applications and hardware.” This isn’t just some computer science study, mind you; “research efforts under this program are expected to result in complete functional capabilities.”

Unlike an Air Force colonel’s proposal, to knock down enemy websites with military botnets, the Research Lab is encouraging a sneaky, “low and slow” approach. The preferred attack consists of lying quiet, and then “stealthily exfiltrat[ing] information” from adversaries’ networks.

But, in the end, the Air Force wants to see all kinds of “techniques and technologies” to “Deceive, Deny, Disrupt, Degrade, [or] Destroy” hostile systems. And “in addition to these main concepts,” the Research Lab would like to see studies into “Proactive Botnet Defense Technology Development,” the “reinvent[ion of] the network protocol stack” and new antennas, based on carbon nanotubes.

Traditionally, the military has been extremely reluctant to talk much about offensive operations online. Instead, the focus has normally been on protecting against electronic attacks. But in the last year or so, the tone has changed — and become more bellicose. “Cyber, as a warfighting domain . . . like air, favors the offense,” said Lani Kass, a special assistant to the Air Force Chief of Staff who previously headed up the service’s Cyberspace Task Force. “If you’re defending in cyber, you’re already too late.”

“We want to go in and knock them out in the first round,” added Lt. Gen. Robert Elder, commander of the 8th Air Force, which focuses on network issues.

“An adversary needs to know that the U.S. possesses powerful hard and soft-kill (cyberwarfare) means for attacking adversary information and command and support systems at all levels,” a recent Defense Department report notes. “Every potential adversary, from nation states to rogue individuals… should be compelled to consider… an attack on U.S. systems resulting in highly undesirable consequences to their own security.”
