
Information Security News: Air Force Colonel Wants to Build a Military Botnet

From: InfoSec News <alerts_at_infosecnews.org>
Date: Tue, 13 May 2008 03:26:12 -0500 (CDT)

http://blog.wired.com/27bstroke6/2008/05/air-force-col-w.html

By Kevin Poulsen
Threat Level
Wired.com
May 12, 2008

While most government agencies are struggling to keep their computers
out of the latest Russian botnets, Col. Charles W. Williamson III is
proposing that the Air Force build its own zombie network, so it can
launch distributed denial of service attacks on foreign enemies.

In the most lunatic idea to come out of the military since the gay bomb,
Williamson writes in the Armed Forces Journal that the Air Force should
deliberately install DDoS code on its unclassified computers, as well as
civilian government machines. He even wants to rescue old machines from
the junk bin to enlist in the .mil botnet army.

    The U.S. would not, and need not, infect unwitting computers as
    zombies. We can build enough power over time from our own resources.

    Rob Kaufman, of the Air Force Information Operations Center,
    suggests mounting botnet code on the Air Force's high-speed
    intrusion-detection systems. Defensively, that allows a quick
    response by directly linking our counterattack to the system that
    detects an incoming attack. The systems also have enough processing
    speed and communication capacity to handle large amounts of traffic.

    Next, in what is truly the most inventive part of this concept, Lt.
    Chris Tollinger of the Air Force Intelligence, Surveillance and
    Reconnaissance Agency envisions continually capturing the thousands
    of computers the Air Force would normally discard every year for
    technology refresh, removing the power-hungry and heat-inducing hard
    drives, replacing them with low-power flash drives, then installing
    them in any available space every Air Force base can find. Even
    though those computers may no longer be sufficiently powerful to
    work for our people, individual machines need not be cutting-edge
    because the network as a whole can create massive power.

    After that, the Air Force could add botnet code to all its desktop
    computers attached to the Nonsecret Internet Protocol Network
    (NIPRNet). Once the system reaches a level of maturity, it can add
    other .mil computers, then .gov machines.

Brilliant! The best defensive minds in the country want to build a
massive distributed computing system to do nothing but pump crap into
the internet. The article talks about carefully targeting attackers'
machines, but this ignores all the intermediate networks between the Air
Force and the target, which will have to contend with a flood of garbage
packets whenever some cyber Dr. Strangelove decides to go nuclear.

What's next? Air Force 4-1-9 scams? Dot mil phishing attacks? The most
disappointing thing about this irresponsible proposal is the tacit
admission that our elite cyber warriors can't actually break into an
enemy's computer, instead resorting to a brute force attack designed by
web defacement script kiddies eight years ago when Apache servers got
too hard to hack directly.

Update:

Reader A.E. Mouse says,

    You all obviously don't really know anything about cyberwarfare.
    Including you Kevin. Having this type of capability is essential to
    IW [infowar] operations. Whether or not we actually need a "botnet"
    to do it is inconsequential. DDoS attacks can be very useful when
    used in a coordinated IW attack on enemy communications and network
    infrastructure.

    In addition our relatively unsophisticated enemies have this
    capability. DDoS, while admittedly juvenile and "last resort", can
    be an effective tool. The reciprocity doctrine here applies. If the
    enemy has one, we need one too, a bigger one. The internet is a new
    battleground. All weapon types are on the table.

I'm sure that DDoS attacks could be useful to the military under certain
circumstances. So could sending our enemies a bunch of unwanted magazine
subscriptions, or ordering them dozens of pizzas with anchovies and
pineapple (blech). But adults don't do that sort of thing.

The internet is a community venture, and DDoS is vandalism against the
community. There's no such thing as pinpoint targeting in a DDoS attack;
innocent civilian infrastructure is impacted every time.

Basically, Col. Williamson has noticed that there are bad guys in the
swimming pool, and his solution is to piss in their general direction.
That's the kind of behavior that rightly gets you kicked out of the pool
and sent home for the summer.

Received on May 13 2008