Tuesday, November 2, 2010

Cyber War - Why It's Idiotic

Let me first say that I'm overwhelmingly annoyed by all the "Cyber War" topic being Tweeted, blogged, and written about in the media.  Please stop.

I had a very intelligent conversation a little while ago with Marcus Ranum at the ISSA Louisville Metro InfoSec Conference where him and I were both speakers - and much to my surprise we were on the same page regarding this whole "Cyber War" stupidity.  War, by its very nature, is a destruction.  The goal is to cause damage so that one group (presumably a nation-state) can take over another.  This most often requires bloodshed, large amounts of resources, and most importantly - physical invasion.  This is where the whole "Cyber War" silliness breaks down for anyone that understands anything.

The people I've seen and read spouting off about "Cyber War" and "Cyber Terrorism" and all that related cyber-whatever just don't get the main point.  You can't take over another nation-state by "DDoS'ing" it off the face of the Internet.  Cutting off my Internet, shutting down a power grid, or causing a possibly catastrophic event at the other end of an IP connection simply doesn't constitute a war.  Now, if one nation-state were to openly attack the infrastructure of another, and cause, say, a nuclear meltdown killing millions - that could be an act of war ...but you'd have to make a stretch even to get that accepted.

You can't tell me that if tomorrow morning we woke up and there were billions of IP packets shooting off from Chinese Internet-space at our critical infrastructure components (wait, that's happening already isn't it?) we the United States of America would declare "Cyber War" ...and if you tried to tell me that I'd make a case to have you committed.  In the virtual world, where packets buzz around, there are on bullets.  There are no full-scale invasions.  There isn't a displacement of cultural values by a military presence.

On a slightly different view - if Switzerland hired a bunch of hackers and completely took over the entire US Internet-connected presence - and I mean anything connected to an Ethernet cable - what would that mean?  Would that mean that they then could "declare war on" the US and take over?  I'd love to see them show up no our shores with their laptops and try... even if our defenses were crippled there is a sizable military presence here that would blow them to kingdom come once they were within reach of our shores.  See my point?

So once again - "Cyber War" falls on its face as just a piece of hype that someone started and other clueless lemmings jumped on to make themselves look smart.  Let me clarify for you - if you're talking about Cyber War as our biggest threat right now - you're an IDIOT.

4 comments:

Alex said...

Thanks for the great post. I've argued similar points on my blog but it's nice to see someone with a higher profile than me making these arguments.

I know it'll never catch on, but I'd like to see "cyberwar" replaced by "cyberespionage" for any attack focused on stealing data and "cybersabotage" for any attack designed to cause physical damage. There's no "war" here.

Ben said...

I think you're getting hung-up on semantic and dictionary games. Using a narrow definition of "war" like you have ignores that "information warfare" has been around for a very long time. The semantic nuance that I think gets missed (I certainly missed it) is the difference between a War (as in WWI, WWII, etc.) and warfare (i.e. offensive activities). Also, narrowly defining offensive activities then as only being things that are "destructive" is a bit disingenuous and misleading, since the term is itself a wee bit subjective. More importantly, many offensive operations (warfare) do not simply have the objective of "destruction," but rather seek to disrupt, interrupt, influence, steal, etc. Espionage, for example, is a key part of intelligence, which is a key part of military operations, and yet by your definition it would not be included (note I'm not talking about corporate espionage here).

Bejtlich has had several posts on the topic and, over time, I've come to agree with much of it, but not without struggling to come to grips with things a bit. It's worth reading it all. As for your reference to Ranum, I'm not surprised you think he agrees with you, though in my limited experience with him it's easy to hear him agreeing and disagreeing depending on how you're filtering... the rhetoric around "cyberwar" is idiotic, as is the almost-exclusive focus on offensive operations... that our critical infrastructure is completely exposed is nothing new, and it is absolutely a cause for concern. Anyway... check out Bejtlich's posts:
http://taosecurity.blogspot.com/2010/07/cyberwar-is-real.html
http://taosecurity.blogspot.com/2010/07/joint-strike-fighter-face-of-cyberwar.html
http://taosecurity.blogspot.com/2010/07/little-more-on-cyberwar-from-joint-pub.html
http://taosecurity.blogspot.com/2010/09/why-neither-us-nor-china-admits.html
http://taosecurity.blogspot.com/2010/09/why-russia-and-china-think-were.html

And then add in there a few references on Stuxnet, just for giggles. fwiw.

Ben said...

I think you're getting hung-up on semantic and dictionary games. Using a narrow definition of "war" like you have ignores that "information warfare" has been around for a very long time. The semantic nuance that I think gets missed (I certainly missed it) is the difference between a War (as in WWI, WWII, etc.) and warfare (i.e. offensive activities). Also, narrowly defining offensive activities then as only being things that are "destructive" is a bit disingenuous and misleading, since the term is itself a wee bit subjective. More importantly, many offensive operations (warfare) do not simply have the objective of "destruction," but rather seek to disrupt, interrupt, influence, steal, etc. Espionage, for example, is a key part of intelligence, which is a key part of military operations, and yet by your definition it would not be included (note I'm not talking about corporate espionage here).

Bejtlich has had several posts on the topic and, over time, I've come to agree with much of it, but not without struggling to come to grips with things a bit. It's worth reading it all. As for your reference to Ranum, I'm not surprised you think he agrees with you, though in my limited experience with him it's easy to hear him agreeing and disagreeing depending on how you're filtering... the rhetoric around "cyberwar" is idiotic, as is the almost-exclusive focus on offensive operations... that our critical infrastructure is completely exposed is nothing new, and it is absolutely a cause for concern. Anyway... check out Bejtlich's posts:
http://taosecurity.blogspot.com/2010/07/cyberwar-is-real.html
http://taosecurity.blogspot.com/2010/07/joint-strike-fighter-face-of-cyberwar.html
http://taosecurity.blogspot.com/2010/07/little-more-on-cyberwar-from-joint-pub.html
http://taosecurity.blogspot.com/2010/09/why-neither-us-nor-china-admits.html
http://taosecurity.blogspot.com/2010/09/why-russia-and-china-think-were.html

And then add in there a few references on Stuxnet, just for giggles. fwiw.

Scott said...

Quote: War, by its very nature, is a destruction. The goal is to cause damage so that one group (presumably a nation-state) can take over another.

I think your subjective definition of "war" is what's tripping you up here.

Merriam Webster defines war as:

war noun, often attributive \ˈwȯr\
a (1) : a state of usually open and declared armed hostile conflict between states or nations (2) : a period of such armed conflict
(3) : state of war

b : the art or science of warfare

(2) archaic : soldiers armed and equipped for war

2 a : a state of hostility, conflict, or antagonism
b : a struggle or competition between opposing forces or for a particular end (a class war) (a war against disease)
c : variance, odds 3

If we use the noun definition of "a conflict, with the intent to control" then I'd say that hacking, DDoS, etc. are certainly types of warfare when executed between real entities. Certainly the endgame of CyberWAR won't be a Swiss-controlled United States, but like other wars we've fought these kinds of actions could very well shape global politics and "real world" events.

Google+