A liitle late but I just saw this...
Joe St Sauver
joe at oregon.uoregon.edu
Sat Dec 22 11:34:10 PST 2007
Hi,
I happened to see your recent posting, and since I'm interested in the
cyberwar issue (including having served as co-chair of the DOE "Human
Factors" breakout group charged with considering cyberwar and cyber
terrorism for the DOE Cyber Security Research Needs for Open Science
meeting, see session 4 of http://cybersecurity.colostate.edu/
panels/ ). With that for context...
I'm not sure folks fully understand how strategic cyberwar might/will
actually be waged. In my opinion, cyberwar will not rely primarily on
malware-based attacks. :-; That process is too uncertain, too slow,
too-readily thwarted and would have insufficient penetration or
coverage.
So how might cyberwar happen? Let me give you three examples:
1) We are already experiencing a sort of cyberwar, although because it
began gradually, and has become a chronic phenomenon, no one
acknowledges the negative impact and damage it continually causes to
our economy -- and that is spam. What a perfect attack eh? How much
time is wasted filtering and deleting spam? How many business-critical
messages get blocked or overlooked? How many resources are diverted
from other potentially productive uses? What a great way of promoting
illegal use of controlled substances, too, thereby helping to subvert
the nation's war on drugs.
And yet, because this is an attack of a trillion mosquitos rather than
a frontal attack by a roaring bear, we don't even acknowledge it as an
attack, and there's no way to definitively tie this attack to a
hostile government -- absolute deniability!
2) Tactical cyberwar would certainly include attacks against control
systems; if you're interested you can see my take on this issue at
http://www.uoregon.edu/~joe/scadaig/infraguard-scada.ppt (or .pdf)
3) Full-blown strategic cyberwar, worst case, would involve things
like high altitude electromagnetic pulse-induced damage to terrestrial
networks and power distribution grids, while simultaneously degrading
or destroying non-radiation-hardened satellites aloft.
If you're interested, please also feel free to see my talk, "Planning
for Certain High Risk Security Incidents,"
http://www.uoregon.edu/~joe/highrisk/high-risk.ppt (or .pdf) from the fall
2007 Internet2 Member Meeting in San Diego, where I urge adoption of a
program of hardening critical assets to resist H-EMP.
Feel free to drop me a note if you have any questions,
Regards,
Joe St Sauver, Ph.D. (joe at oregon.uoregon.edu)
http://www.uoregon.edu/~joe/
-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list