On Jun 8, 2010, at 5:08 PM, Peter Boone wrote:
So let's say a cyber-attack originates from Chinese script kiddie.
Albania, Belgium, Bulgaria, Canada, Croatia, Czech Republic, Denmark,
Estonia, France, Germany, Greece, Hungary, Iceland, Italy, Latvia,
Lithuania, Luxembourg, Netherlands, Norway, Poland, Portugal, Romania,
Slovakia, Slovenia, Spain, Turkey, the United Kingdom, and the
United States
will all respond by invading China?
That leaves out the important aspect of selection. You can bet that,
if they do this, they will pick
a more suitable target, say one without strategic rocket forces.
Is NATO trying to start a war here?
Militaries tend to think in terms of military responses.
What any of this has to do with configuring routers escapes me.
Regards
Marshall
There's no mention in the article about any kind of electronic
response to
the attack.
-----Original Message-----
From: J. Oquendo [mailto:s...@infiltrated.net]
Sent: Tuesday, June 08, 2010 3:08 PM
To: na...@merit.edu
Subject: Nato warns of strike against cyber attackers
From the NetSec mailing list...
At http://www.timesonline.co.uk/tol/news/world/article7144856.ece
June 6, 2010
Nato warns of strike against cyber attackers
Michael Smith and Peter Warren
NATO is considering the use of military force against enemies who
launch
cyber attacks on its member states.
The move follows a series of Russian-linked hacking against Nato
members
and
warnings from intelligence services of the growing threat from China.
A team of Nato experts led by Madeleine Albright, the former US
secretary
of
state, has warned that the next attack on a Nato country ³may well
come
down
a fibre-optic cable².
A report by Albright¹s group said that a cyber attack on the critical
infrastructure of a Nato country could equate to an armed attack,
justifying
retaliation.
Article 5 is the cornerstone of the 1949 Nato charter, laying down
that
³an
armed attack² against one or more Nato countries ³shall be
considered an
attack against them all².
It was the clause in the charter that was invoked following the
September
11
attacks to justify the removal of the Taliban regime in Afghanistan.
Nato is now considering how severe the attack would have to be to
justify
retaliation, what military force could be used and what targets
would be
attacked.
The organisation¹s lawyers say that because the effect of a cyber
attack
can
be similar to an armed assault, there is no need to redraft existing
treaties.
Eneken Tikk, a lawyer at Nato¹s cyber defence centre in Estonia,
said it
would be enough to invoke the mutual defence clause ³if, for
example, a
cyber attack on a country¹s power networks or critical infrastructure
resulted in casualties and destruction comparable to a military
attack².
Nato heads of government are expected to discuss the potential use of
military force in response to cyber attacks at a summit in Lisbon in
November that will debate the alliance¹s future. General Keith
Alexander,
head of the newly created US cyber command, said last week there
was a
need
for ³clear rules of engagement that say what we can stop².
The concerns follow warnings from intelligence services across
Europe that
computer-launched attacks from Russia and China are a mounting
threat.
Russian hackers have been blamed for an attack against Estonia in
April
and
May of 2007 which crippled government, media and banking
communications
and
internet sites.
They also attacked Georgian computer systems during the August 2008
invasion
of the country, bringing down air defence networks and
telecommunications
systems belonging to the president, the government and banks.
Alexander disclosed last week that a 2008 attack on the Pentagon¹s
systems,
believed to have been mounted by the Chinese, successfully broke
through
into classified areas.
Britain¹s Joint Intelligence Committee cautioned last year that
Chinese-made
parts in the BT phone network could be used to bring down systems
running
the country¹s power and food supplies.
Some experts have warned that it is often hard to establish
government
involvement. Many Russian attacks, for example, have been blamed on
the
Russian mafia. The Kremlin has consistently refused to sign an
international
treaty banning internet crime.
Obviously NATO is not concerned with proving the culprit of an
attack an
albeit close to impossibility. Considering that many attackers
compromise so many machines, what's to stop someone from
instigating. I
can see it coming now:
hping -S 62.128.58.180 -a 62.220.119.62 -p ++21 -w 6000
hping -S 62.220.119.62 -a 62.128.58.180 -p ++21 -w 6000
So NANOGer's, what will be the game plan when something like this
happens, will you be joining NATO and pulling fiber. I wonder when all
types of warm-fuzzy filtering will be drafted into networking: "Thou
shall re-read RFC4953 lest you want Predator strikes on your NAP
locations...
--
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT
"It takes 20 years to build a reputation and five minutes to
ruin it. If you think about that, you'll do things
differently." - Warren Buffett
227C 5D35 7DCB 0893 95AA 4771 1DCE 1FD1 5CCD 6B5E
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5CCD6B5E
