Re: Nato warns of strike against cyber attackers

Tue, 08 Jun 2010 15:45:57 -0700 

On 6/8/10 10:07 PM, J. Oquendo wrote:

So NANOGer's, what will be the game plan when something like this
happens, will you be joining NATO and pulling fiber. I wonder when all
types of warm-fuzzy filtering will be drafted into networking: "Thou
shall re-read RFC4953 lest you want Predator strikes on your NAP
locations...



We must distinguish between the m.o. of an actual response, and 
deterrence. If we speak of deterrence, I wrote about it not long ago.



Deterrence online is one of the biggest idiocies of the past couple of 
years. There are some interesting research possibilities in the subject 
matter, but not as it is portrayed today -- a cure-all strategy.



Strategic experts are very comfortable with Cold War strategy following 
around 70 years of practicing it, so when asked to deal with the 
Internet, they ran to deterrence.



In order to have deterrence, you require first an ability to respond to 
an attack. On the Internet, you may never find out who is attacking you, 
and data may be intentionally misleading when you think you do have some 
bread crumbs.



It is just virtually impossible to tell who is behind an attack from 
technical data alone.


Thus, deterrence against whom?


You may say that by setting an occasional example, it doesn't matter who 
you attack. That is mostly false as well.



If we do know who is attacking us, then consider the players can now be 
(and indeed are) unaffiliated individuals or groups who may not care 
about the infrastructure of the country they are in nor have any 
infrastructure to speak of (which can in turn be targeted). Any attack 
will likely be against a third-party that has been hacked, i.e. compromised.



And if you're dealing with large-scale attacks, such as DDoS, responding 
in kind (with DDoS, botnets, etc.) will also hurt the Internet itself 
with collateral damage.



There are some particular instances where deterrence does work online, 
and it may also be used as a general addition to real-world deterrence 
(we have cyberweapons -- beware!), but these are just points that would 
muddy the water in the wider argument before us.



I think supporting such folly is generally folly itself. For further 
reading, I'd point you to this comprehensive and quite excellent 
document: "Cyber Deterrence and Cyber War," by Martin C. Libicki:

http://www.rand.org/pubs/monographs/2009/RAND_MG877.pdf

        Gadi.

--
Gadi Evron,
http://gadievron.com/
























					Reply via email to