Col. Charles W. Williamson III, the staff judge advocate, Air Force Intelligence, Surveillance and Reconnaissance Agency, has suggested that the Air Force, US DoD, and even the civilian government agencies create their own botnet on which to stage DDoS attacks.
The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources.
Rob Kaufman, of the Air Force Information Operations Center, suggests mounting botnet code on the Air Force’s high-speed intrusion-detection systems. Defensively, that allows a quick response by directly linking our counterattack to the system that detects an incoming attack. The systems also have enough processing speed and communication capacity to handle large amounts of traffic.
Next, in what is truly the most inventive part of this concept, Lt. Chris Tollinger of the Air Force Intelligence, Surveillance and Reconnaissance Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find. Even though those computers may no longer be sufficiently powerful to work for our people, individual machines need not be cutting-edge because the network as a whole can create massive power.
After that, the Air Force could add botnet code to all its desktop computers attached to the Nonsecret Internet Protocol Network (NIPRNet). Once the system reaches a level of maturity, it can add other .mil computers, then .gov machines.
His entire article in the
Armed Forces Journal can be read
here.
In response to the Colonel's article, Kevin Poulsen of
Wired magazine wrote
this articleIn the article, in addition to calling it "the most lunatic idea to come out of the miliary since the gay bomb," he states:
Brilliant! The best defensive minds in the country want to build a massive distributed computing system to do nothing but pump crap into the internet. The article talks about carefully targeting attackers' machines, but this ignores all the intermediate networks between the Air Force and the target, which will have to contend with a flood of garbage packets whenever some cyber Dr. Strangelove decides to go nuclear.
What's next? Air Force 4-1-9 scams? Dot mil phishing attacks? The most disappointing thing about this irresponsible proposal is the tacit admission that our elite cyber warriors can't actually break into an enemy's computer, instead resorting to a brute force attack designed by web defacement script kiddies eight years ago when Apache servers got too hard to hack directly.
I'm not quite sure how I feel about the whole thing, though it wouldn't surprise me if this weren't a new idea and No Such Agency had already put one in place
I do think that Kevin is over-simplifying the issue, though. No where has Col. Williamson stated that the US government has no other options than to resort to "script kiddie behavior." The fact that several other countries, particularly that one in Asia...you know with the largest population in the world...have or will have similar tactics in place suggests that we pretty much need to do the same. Though obviously this is on a different level, I want to liken it to the Cold War arms race. He with the most nukes wins the war...if we both have them, no one fires them. In this case, he with the largest botnet wins the war...or prevents it. Peace through mutual fear.
What say you EHNetters?
P.S. - I think we should run a 419 scam...that could supply the defense budget, thus lowering my taxes
Forum 
Show Posts
Programming : not static?
Forensics : The Julie Amero Case: A Dangerous Farce
