Keeping Defense.gov Up Isn't A National Security Issue

from the cyber-vandalism dept

Wed, May 21st 2008 3:25pm — Timothy Lee

Apparently, last year's "cyber attacks" against Estonia have caused NATO to set up a "cyber warfare" center that will coordinate responses to online security threats. This is silly. The article says that the Estonian attacks succeeded in "knocking some financial systems in the country offline for several hours," but if you read press accounts of the attacks more closely, what you find is that the attacks mostly forced the websites of several financial institutions offline. I'm sure that was annoying for Estonians who couldn't check their bank balances, but there's a big difference between "annoyance" and "national security threat." Equally silly is the Air Force's proposal to develop a military botnet for launching distributed denial-of-service attacks against America's enemies. The Internet is not a military network; the military has maintained its own, separate, TCP/IP-based network for military operations since the 1970s. Most other countries have undoubtedly followed suit. Which means that "cyber warfare" can't accomplish much more than to knock out some websites in foreign countries. And while that's certainly going to be annoying for users of the affected websites, it's not a national security issue, and the world's militaries have far more urgent things to worry about.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: national defense, website protection

18 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 21 May 2008 @ 3:52pm

Too much Cyberpunk...
Seriously.

Never fade away...
[ link to this | view in thread ]
Anonymous Coward, 21 May 2008 @ 4:17pm

Re: Too much Cyberpunk...
Indeedy. Too much Cyberpunk and probably too much Cypherpunk too. The NSA hired a married couple in math recently, one of whom is one of just a handful of people who does the specific type of math she does in America. Quantum Knot Topology.

What the hell does the NSA need with Quantum Knot Topologists? Mostly Physicists use them for building string theory models. Though mostly physicists are totally wrong about what the math for string theory says too... Either way it's a very specialized form of math.
[ link to this | view in thread ]
Jake, 21 May 2008 @ 4:25pm

Actually, I'd say this tendency to overstate the importance of denial-of-service attacks like the ones that hit the Estonians is what makes it important to devote resources to preventing them, and to counter-attacking for that matter; they may not achieve a hell of a lot on a practical level, but they're a useful psychological weapon. Besides, there's far worse things a serious hacker could do than DoS.
[ link to this | view in thread ]
withersteen, 21 May 2008 @ 4:48pm

just good ole fun
Seriously, if a (current) real war, with real consequences and casualties doesn't get the public's attention... but I digress. This is a perfectly apt approach for the military. I recently took a Certified Ethical Hacker course (ok, I like paper) and half the students were from the military. We had a 25% pass rate, and the military was no different. What does this mean? Our military needs better skills, and these types of attacks really are an effective way to hamper a modern societies ability to function. The best our leaders can do now is beg for oil, and exhort us to go shopping. Oh, happy stimulus! But really seriously, I would think (make that, hope) that our "cyber warfare" capabilities go beyond DoS attacks.
[ link to this | view in thread ]
withersteen, 21 May 2008 @ 4:53pm

botnets
Actually, I would be sorely disillusioned if we did not already have a million-unit botnet ready to go at any time... what else would a military-grade hacker worth his salt do in his spare time?
[ link to this | view in thread ]
Apex, 21 May 2008 @ 5:25pm

Re: botnets
Historically the military's cyberwarfare capabilities have focused on the NSA-type and then protecting its own networks from intrusion. The problem is the defensive capabilities have not kept up with rapid desire for more connectivity for command and control(the buzzword thrown around is a "netted force").

I think part of what Timothy is ranting about is some Air Force Colonel that made a comment about using the Air Force's own computers and networks as part of a massive botnet. In fact, he wanted to take old unused computers and spare rooms as part of this network. The whole proposal is stupid for many reasons, so of course, it's getting a lot of press on the blogosphere. I sincerely doubt it will become a reality.
[ link to this | view in thread ]
chester, 21 May 2008 @ 5:29pm

Ok...so on the quantum knot topologists; the NSA is scared of anything dealing with quantum computing, they are also desperate to acquire it probably has something to do with that.
As for the military, what most people don't understand is that the is playing catch-up. For decades DoD was the leading innovator in technology, they were the cutting edge. Today that story is very different, the DoD doesn't develop technologies, it utilizes them, and the one thing about the military that everyone knows is that it is not geared for change, it is by it's nature a conservative institution. Military schools are notorious for teaching obsolete material, most barely have funtioning equipment, this is because they are severely under-funded and all new equipment is rushed into service. Often a military instructor will have never seen the latest generation of equipment. In short the 8th Air Forces proposed Cyber Command is the only way the DoD knows how to respond and quite frankly the only way that it will probably succeed.
[ link to this | view in thread ]
The Pope, 21 May 2008 @ 5:49pm

Timothy Lee's Annoyance
Its just an annoyance unless its YOU trying to do online banking, then it becomes a crisis.

BTW: You are absolved for your stupidity.
[ link to this | view in thread ]
Overcast, 21 May 2008 @ 5:52pm

Depends, might be a large part of the psy-ops and general propaganda machine - then it would be, to many, considered a 'defense' issue.
[ link to this | view in thread ]
The Scott, 21 May 2008 @ 5:54pm

...um yeah...
Chester...stop cut-pasting your posts. Thanks. And once again, Tech Dirt does not do all of their research. I love people like you Lee. Always out for the story and never the facts. For someone who is so proud of being an adjunct w/ Cato you sure do a poor job of researching.
[ link to this | view in thread ]
StammesOpfer, 21 May 2008 @ 6:13pm

Military Networks
Although the military does maintain its own separate SIPRNET for classified information the NIPRNET is accessible from all military computers as well at the regular internet therefor you get access to one computer and you are on the inside. Not completely separate. Not to mention even if you don't obtain access to an inside computer you could still DDoS military computers and since it is the same incoming connection the WWW would block the NIPR side. Just my analysis.
[ link to this | view in thread ]
Kenneth P. Turvey, 21 May 2008 @ 6:40pm

Nothing better to do
We (in the US) spend an incredible fortune on our military:

http://www.globalissues.org/Geopolitics/ArmsTrade/Spending.asp#USMilitarySpending

We spend roughly half of what the rest of the world spends combined. So I'm not sure why it is surprising that we are spending it on stupid, inane things, at least a fair portion of the time. The fact is that we spend more money than could possibly be applied to real threats, so the military must work on the imaginary ones as well.
[ link to this | view in thread ]
Anonymous Coward, 21 May 2008 @ 7:12pm

Re: Re: Too much Cyberpunk...
Likely? it's such a specialized form of math that NSA wants it in case someone's using it as part of a coding/encryption deal.
[ link to this | view in thread ]
Nate, 21 May 2008 @ 7:36pm

They just needed something else to blow our tax money on. I suppose there could be some need to have a department specifically into this sort of thing. But, the writer is correct... there is a big difference between shutting down a website for a couple hours and national security. http://www.custompcmax.com
[ link to this | view in thread ]
bob, 22 May 2008 @ 5:08am

Slight exaggeration on TCP/IP
Contrary to the statement in the original article, it seems unlikely that the "military has maintained its own, separate, TCP/IP-based network for military operations since the 1970s," given that the Arpanet switchover from NCP happened in 1983.

There were, no doubt, TCP/IP networks within the military before that, but they were most likely used for research and engineering, rather than operations.
[ link to this | view in thread ]
Roger, 22 May 2008 @ 6:57am

my sister-in-law is Estonian...
According to her, there are very few brick and mortar banks in Estonia. All of one's banking is done online. So I would think that the denials of service could hurt a bit.
[ link to this | view in thread ]
Nasch, 23 May 2008 @ 7:52am

Re: Timothy Lee's Annoyance
Its just an annoyance unless its YOU trying to do online banking, then it becomes a crisis.

Maybe you should keep your money in a bank that has a physical presence where you live. You know, in case you can't get to your bank's web site for some reason. Suddenly, no crisis! Or maybe you didn't know you can still actually go to a bank to do banking. ;-)
[ link to this | view in thread ]
Roland Breitling, 26 May 2008 @ 2:35am

Re: Nothing better to do
"We spend roughly half of what the rest of the world spends combined."

According to Fred Kaplan on Slate Magazine, we actually spend more than all other countries combined. You could rephrase that as: one half of all countries combined, except that we actually exceed the others combined. Also, the defense budget greatly understates what we are actually spending on defense related matters.
[ link to this | view in thread ]