Chertoff Advocates Cyber Cold War 115
Jack Spine writes "The US and allied countries should formulate a doctrine to apply the principles of nuclear deterrence to cyber attacks and cyber espionage, according to former US Homeland Security secretary Michael Chertoff. No matter that it's very difficult to attribute the source of cyber attacks — just take punitive action against the platform being used to attack, says Chertoff."
I don't necessarily see a problem (Score:3, Interesting)
So long as they don't respond to a DDoS with one of their own, but with a targeted attack designed to silence the particular nodes in question, then it's probably a good thing. It's not like it's not possible to keep logs to see if these guys are operating outside their mandate.
DHS will save us from cyber terrorists! (Score:2, Interesting)
Maybe we should all take our shoes off for inspection before we get online. Or make us wait in an unguarded corral area for half an hour before we can enter the secured area. Or randomly pull users aside for full system scans. Or force users to their own drink breast milk before logging in.
I sure as hell don't want them "attacking" computers online.
Re:I don't necessarily see a problem (Score:3, Interesting)
Leak more cyber spy data (Score:3, Interesting)
Re:False flags abound (Score:5, Interesting)
The problem is collateral damage. What is more likely the nation of Elbonia is attacking the United States by DOSing an airport reservation system? or a competing airline hired some crackers to harm the competition, and those crackers have rooted some machines at the national ISP of Elbonia, that they do it with?
So we respond by routing the entire nation via 127.0.0.1, which is great in that it solves the problem but it probably denies all sorts of services to innocent people, and I am not talking about Mohamed's Netflix subscription, what about that X-Ray the surgeons there wanted a consult on, and the nations telephone system which is IP based at least for international calls. Oh and hey the assembly plant GM is trying to operate there, etc etc. All this is going to do is make small problems big ones.
Re:Ahahahah! Fools! (Score:4, Interesting)
Re:Excellent idea (Score:1, Interesting)
It was, for the US. It was the US outspending the USSR in military buildup that led to their destabilization and collapse. Mission accomplished. Sad thing is that is what the current world situation is doing to the US now.
Re:False flags abound (Score:3, Interesting)
Perhaps. The operating theory here, I think, is that at some point, a government will stop doing such idiotic things as cyber warfare because the costs are too high. Just like the threat of economic sanctions.
Part of the problem, however, is that for all the "control" we might have over the internet, it's a global network that by design can't just be turned off like that. Personally, I think that good old fashioned, "Oh, you shutdown our air traffic control system? Here, we'll shut down your airspace by destroying anything that gets more than five feet off the ground." is more effective. Excessive? You bet. That's the whole bloody point of MAD. Cyberwarfare cannot be part of a MAD policy unless you are prepared to destroy the physical connections.
Frankly, this proposal sounds like someone doesn't understand how this works. Countries like China really don't give a hoot if you block them from the internet - they'll find a way around whatever blocks you put in place, and crush (literally) anyone who internally dissents against their policies. Most of the general public has no idea this is happening. Perhaps a better solution would be raising a stink in a very public fashion at the UN, getting an international treaty in place, and *then* make it your official policy to react to cyber attacks with real, physical attacks. Otherwise, this is going to just keep happening with no real danger of reprisal that means anything to most of the countries engaged in this. Meanwhile, those nations that aren't actively trying to break things (merely spy, which is quite different) are going to get hit worse and worse with public sector damage.
Re:Excellent idea (Score:2, Interesting)
The worst part about a standing army is that it creates two functional classes of citizens that do not share the same fundamental need.
Those that have signed their right of refusal over to the government should not be permitted to vote or participate in political events or debates until the right of self-determination is legally returned to them.
During their period of service they must be treated as exactly what they signed up to be - fleshbots for whoever comes to power during their tour.
Chertoff is an idiot (Score:3, Interesting)
Chertoff was behind the preposterous program on CNN where a collection of lawyers sat around trying to play techies on TV. Most of them were probably technology challenged, and they focused on legal nonsense to deal with a weird technical scenario (a malicious cell phone app goes wild and shuts down the power grid).
His crazy ideas led to the proposal to shut down the Internet in the event of national emergency.
When he was in office he was behind a stunt where a cybersecurity attack was assumed and a piece of equipment was misused and rigged to tear itself apart -- on TV -- by doing something that has been known for decades to be a no-no.
The only value of Chertoff's nonsense is publicity for the issue. Everything beyond that is idiocy.
Cybersecurity is clearly a serious concern and work needs to be done to improve it for critical infrastructure. But off-the-wall ideas coming from Chertoff are not the way to move forward. Instead, we should have people who know what they are doing lead the effort.