Forgot your password?
typodupeerror
Government IT News Your Rights Online

Officials Warn: Cyber War On the US Has Begun 292

Posted by samzenpus
from the get-to-the-choppa! dept.
snydeq writes "Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet, InfoWorld reports. 'A cyber war has been brewing for at least the past year, and although you might view this battle as governments going head to head in a shadow fight, security experts say the battleground is shifting from government entities to the private sector, to civilian targets that provide many essential services to U.S. citizens. The cyber war has seen various attacks around the world, with incidents such as Stuxnet, Flame, and Red October garnering attention. Some attacks have been against government systems, but increasingly likely to attack civilian entities. U.S. banks and utilities have already been hit.'"
This discussion has been archived. No new comments can be posted.

Officials Warn: Cyber War On the US Has Begun

Comments Filter:
  • "Cyber 9/11" (Score:5, Insightful)

    by ShaunC (203807) on Monday January 28, 2013 @03:29PM (#42719139)

    Really? So we're going to see buildings destroyed, thousands murdered? The hyperbole is way out of hand on this one.

    • by binarylarry (1338699) on Monday January 28, 2013 @03:34PM (#42719215)

      Don't you get man?!

      The porn! They're going to be deleting all of our precious, precious porno!

      It'll be like back in the dark ages again with cave drawings and domestic animals.

      Game over man, GAME OVER!

    • Re:"Cyber 9/11" (Score:5, Insightful)

      by dkleinsc (563838) on Monday January 28, 2013 @03:39PM (#42719271) Homepage

      Well, how else are you going to convince people that they should be spending huge sums of taxpayer money to help private industry do the computer security work they should have already done at their own expense?

      But yes, it cheapens the meaning of the real 9/11 when you use it to scare people into responding to non-lethal threats. Apparently, banks and utilities have already been hit, and nobody outside of those organizations even noticed. That tells you how much of a non-threat it is.

      • Re:"Cyber 9/11" (Score:5, Interesting)

        by girlintraining (1395911) on Monday January 28, 2013 @05:18PM (#42720475)

        Apparently, banks and utilities have already been hit, and nobody outside of those organizations even noticed. That tells you how much of a non-threat it is.

        I can't reveal which financial institution I work for due to company policy regarding social networking, but I can say it is a major one in the United States. Nobody here noticed any "attacks" above and beyond the usual phishing and money laundering crap that comes through every day. Not a peep. Work proceeds as usual. I checked with a few of my friends who have contract gigs at Wall St., and at a nearby state university... none of them have reported anything unusual either.

        I appreciate the sentiment, and truly do believe every organization could do to review and update their security and disaster recovery plans. I'm a professional in IT though, of course I'm going to say that; It's good business. However, implying that anything is happening on the networks I manage or that of many others in my profession that could equate to "the next 9/11" is complete hyperbole and, frankly, insulting.

        • Re:"Cyber 9/11" (Score:4, Insightful)

          by tlhIngan (30335) <.slashdot. .at. .worf.net.> on Monday January 28, 2013 @05:43PM (#42720709)

          I appreciate the sentiment, and truly do believe every organization could do to review and update their security and disaster recovery plans. I'm a professional in IT though, of course I'm going to say that; It's good business. However, implying that anything is happening on the networks I manage or that of many others in my profession that could equate to "the next 9/11" is complete hyperbole and, frankly, insulting.

          I think it's more a case of it's appropriations time, and with the looming new fiscal cliff, budget talks, and taxes and cuts, well, departments are going to inflate their needs with hyperbole to indicate that cutting their budget is a bad idea.

          Cut DoD? Cyberwarfare! We've got another 9/11!
          Cut DHS? Cyber 9/11!

          etc.

          • Yeah, the headline is kind of weird. It sounds like it goes like this:

            > Oh, we detect cyber warfare! (a term we invented so I don't have to understand the difference between information and people/materials).
            > More and more computers are attacked! (because we attack other nations and stifle their industry for our own security and economical interests).
            > More attacks mean we need to be better prepared to attack more! (because we are not smart enough to make attacks pointless, and don't understand th

        • Re: (Score:2, Funny)

          by gandhi_2 (1108023)

          ...says an Iranian teenager, sitting in a Tehran cafe, posting as girlintraining, as logged in through an ssh tunnel to her employer's office.

          "muhahaha!" says the Iranian. Posting submit, only slowed temporarily by the captcha: iRonY.

      • Re:"Cyber 9/11" (Score:4, Informative)

        by Kasar (838340) on Monday January 28, 2013 @05:18PM (#42720479)
        The BBC has a Pentagon announcement that they plan to quintuple their "Cyber Defense" staffing. Completely unrelated I'm sure.
      • But yes, it cheapens the meaning of the real 9/11 when you use it to scare people into responding to non-lethal threats.

        Funny. I thought that *was* the real meaning of 9/11. It didn't take any longer than 10/11 for that to hold.

    • Re:"Cyber 9/11" (Score:5, Interesting)

      by NFN_NLN (633283) on Monday January 28, 2013 @03:41PM (#42719313)

      Really? So we're going to see buildings destroyed, thousands murdered? The hyperbole is way out of hand on this one.

      It's all about strategically timed loss of service to exacerbate tensions:

      - Disable electricity during a heat wave in Atlanta = Riot
      - Disable communications right after a white police officer is acquitted of beating a black suspect in LA = Riot & Looting
      - Disable banking/credit card during Black Friday = Riot, people already riot and trample each other in Walmart without a loss of service.

      Basically the US is a powder keg... all it takes is a spark :)

      • by Jetra (2622687)
        Fire Sale! I loved that movie.
      • Re:"Cyber 9/11" (Score:5, Insightful)

        by eksith (2776419) on Monday January 28, 2013 @04:38PM (#42720035) Homepage

        That's a very bleak assessment of us :/

        Not completely disagreeing with you, but people are capable of other courses of action in dire situations. I was in New York when the power outage happened in 2003 when a lot of the Northeast was completely dark except for a few lights being kept on by generators. This was only two years after 9/11 and the first thought on everyone's mind was terrorism, but no one panicked or rioted except for a few burglaries (those are always to be expected). People were being helped from the subways by fellow passengers, others took care of each other as best they can.

        Even after the 2001 attacks, there were people helping out and staying calm (as best they can).

        There are instances where people act like they've lost their minds during emergencies, but then they have already lost their minds by the time the rioting starts. The riot is just the symptom of that.

      • by guttentag (313541)

        It's all about strategically timed loss of service to exacerbate tensions.

        How would people know to riot if the power is out and they can't access twitter or facebook? When the power goes out, people are more likely to sit and play cards with their family, or go outside and start talking to the next door neighbors they've never met.

        If you want to get people worked up, selectively turn people's power back on, turning them against each other. See The Monsters Are Due On Maple Street [wikipedia.org]

    • Re: (Score:3, Interesting)

      by Anonymous Coward

      Buildings destroyed, probably not... Thousands murdered, perhaps. Why? Because many public utilities run on computers. You hack that system, you can do things like shut off electricity for an extended period of time and very few people have things like a backup generator. That guy with an oxygen pump? Dead. The diabetic who over time has their insulin harden into a jelly like substance because it's not cold? Dead. That hospital that didn't have a proper backup system for power? Many dead.

      It's not exactly ha

      • Re:"Cyber 9/11" (Score:5, Insightful)

        by vlm (69642) on Monday January 28, 2013 @04:01PM (#42719597)

        The problem is finding an area of the USA where a medium term power loss would not be business as usual, due to 3rd world infrastructure.

        Hmm shutdown NYC's power, they'll collapse. Naah tried that short term back in the 00s and longer term last fall due to a mere rainstorm.

        Hmm shutdown power in the south? Naah thats called a hurricane, they do that stuff couple times a year no problemo.

        Hmm shutdown power in the west? Naah thats called a rolling california blackout, all part of a corrupt plan to increase prices and revenue. No problemo. Heck the crooks who run the place made more money, if anything thats encouraging them!

        Hmm shutdown power in the midwest? Naah every time we get a wee windstorm or ice storm or blizzard or pretty much anything but still air, happens all the time. Oh yeah and the damn mississippi is either almost bone dry or flooding the land both causing power issues.

        Is there anywhere left where power outages are unusual, maybe even dangerous?

        Doesn't mean its not annoying, maybe even a little dangerous. In fact if there's even a hint that foreigners are behind it all, the biggest danger is attacking some other country. If saudi arabians fly jetliners into our skyscrapers we bomb afghanistan, so I assume if Venezuelans shut down the power in Florida for a little while we'd probably respond by bombing Iran.

        • by jittles (1613415)

          The problem is finding an area of the USA where a medium term power loss would not be business as usual, due to 3rd world infrastructure.

          You have obviously not lived somewhere that truly has third world infrastructure. Try running water for an hour or two a day, tops. And sometimes going weeks without any running water at all. Or having the power go out a half a dozen times a day, for anywhere from 1 minute to 3 or 4 hours. And that's without any severe or unusual weather. That is standard operating procedure.

        • I think it matters how long term the outage is. The Northeast cascade power failure in 2003 was partly due to a software bug [wikipedia.org]and would have been devastating if it was below freezing. 55 million people without heat is a huge number. Even if there weren't many deaths the economic damage would be tremendous from just the water pipes freezing and bursting. Yeah we're used to small scale outages with heavy snows or ice but not anything on that scale. If an entire region could be shut down for say a week things w
      • Re:"Cyber 9/11" (Score:4, Insightful)

        by hawguy (1600213) on Monday January 28, 2013 @04:22PM (#42719799)

        Buildings destroyed, probably not... Thousands murdered, perhaps. Why? Because many public utilities run on computers. You hack that system, you can do things like shut off electricity for an extended period of time and very few people have things like a backup generator. That guy with an oxygen pump? Dead. The diabetic who over time has their insulin harden into a jelly like substance because it's not cold? Dead. That hospital that didn't have a proper backup system for power? Many dead.

        It's not exactly hard to murder people with a cyber attack, you won't see buildings destroyed like a normal attack though. Cyber attack, you could take out the financial market, which while not of upmost importance to most people these days, if you shut down VISA and Mastercard, there's a good chunk of people that won't have access to their money so getting food and water becomes a problem.

        Now do I think this is going to happen soon? Nah... I'm not a doomsday theorist. Can it happen? Sure.

        Pretty much every area of the USA is subject to disasters than can cause power interruptions, and already have measures in place to help those that can't survive for an extended period without power. Unless there is wide spread physical damage to repair, a cyber attack power outage will be relatively short lived.

        I certainly think that 10's may die, maybe even 100's, but thousands? That seems unlikely. Even Hurricane Sandy's death toll in New York City was only 41

        • I certainly think that 10's may die, maybe even 100's, but thousands? That seems unlikely. Even Hurricane Sandy's death toll in New York City was only 41

          Katrina caused 1833 deaths. Of course, Katrina was a bit more severe than Sandy, which most of us down N'Awlins way wouldn't even have considered evacuating for....

      • by icebike (68054)

        Yes you might be able to cause a few deaths by killing all power. You could cause a few more by setting all intersections to ALL Ways Green.

        But so what? People will quickly figure it out, cities will simply unplug the stop-lights reverting every intersection into take-your-turn.

        You can't do any significant damage to a country, and render them in-capable of responding in kind, or with tomahawk missiles.
        This is fear-mongering, plain and simple.

        • by Pieroxy (222434)

          What about if you erased every US citizen's bank account? Or you decided that those cooling stuff in nuclear plants are to be stopped immediately (probably harder)?

          Let's admit that a heck of a lot of things are run by computer these days. A LOT of stuff.

          • by icebike (68054)

            What about if you erased every US citizen's bank account?

            Two words:

            Backup Tapes

    • Re:"Cyber 9/11" (Score:5, Insightful)

      by i kan reed (749298) on Monday January 28, 2013 @03:44PM (#42719355) Homepage Journal

      Don't you see? If we don't get our pointless billions in wasted defense spending, everyone will die.

      • Re:"Cyber 9/11" (Score:4, Interesting)

        by megamerican (1073936) on Monday January 28, 2013 @04:47PM (#42720161)

        It'll be more like, if you don't give the government insane controls over the internet there will be 100 Chernobyl's in the United States. The legislation is already written. They just need the right opportunity (real of manufactured) to invoke fear and pass it without any congressman being able to read said legislation.

    • Re: (Score:2, Interesting)

      by jellomizer (103300)

      If you hack a bank that causes them to say stop funding a hospital due to a "Computer Error" and people die because the hospital didn't get the resources they needed in time. The hacker is no less evil then a guy who just pushed the button to hit a bomb.

      They justify their consciousness because it is just cleaner and they don't have the see the full effect.

      • by cdrudge (68377)

        If a hospital can't keep the necessary supplies in inventory to operate should a "computer error" happen and can't be resolved immediately, they shouldn't be a hospital.

        No major business is going to operate on a "just in time" basis for financing. They are all going to carry lines of credit or other equivalent with their major suppliers. They are going to have 15-, 30-, 60-, 90-day terms or whatnot for invoicing.

      • by hawguy (1600213)

        If you hack a bank that causes them to say stop funding a hospital due to a "Computer Error" and people die because the hospital didn't get the resources they needed in time. The hacker is no less evil then a guy who just pushed the button to hit a bomb.

        They justify their consciousness because it is just cleaner and they don't have the see the full effect.

        Yeah, it would be the fault of the finance people at the bank that didn't have a manual process in place to secure operational funding.

      • by icebike (68054)

        Hospitals have ways to deal with this. There are, after all, power outages and disasters frequent enough to cause them to plan ahead, and they can run for over a month with zero funding, and several months once the government steps in.

    • by swb (14022)

      Well, if you can sabotage PLCs in a power plant and cause it to blow up, maybe.

    • Re:"Cyber 9/11" (Score:5, Interesting)

      by vlm (69642) on Monday January 28, 2013 @03:54PM (#42719495)

      They're talking about an attack on our civil rights, and they're almost certain to win, just like the bad guys won after 9/11.

      Wait for the next innocent convenient disaster. Bank led by crooks and con men goes out of business? Oh you say one foreigner tried identity theft once back in '98? Well that cause and effect is obvious, we need to "temporarily" suspend the constitution until the threat is neutralized aka forever.

    • by pitchpipe (708843) on Monday January 28, 2013 @03:58PM (#42719541)
      Well, to be fair, they did tone down the rhetoric a bit. Some of the phrases they were considering that were dropped in favor of "cyber 9/11":
      • Cyber Apocalypse
      • Cyber Armageddon
      • Cyber Annihilation
      • Cyber Holocaust
      • Cyber Extinction

      Personally I like "The Cyber Extinction". It just sounds awesome!

    • by Warhawke (1312723) on Monday January 28, 2013 @04:22PM (#42719809)
      My God, it will be 911 times 404: file not found! That's, like, 368,044!!
    • But Hyperbole is like the best thing EVER

      • Re: (Score:2, Funny)

        by Anonymous Coward

        Wait until you try Cyberhyperbole!

    • by Nyder (754090)

      Really? So we're going to see buildings destroyed, thousands murdered? The hyperbole is way out of hand on this one.

      I think they mean they are going to use the situation to take away more of our freedoms, just like they did after the 9-11 event.

    • by Synerg1y (2169962)
      I don't think you understand the people you're talking about: here's an obligatory xkcd: http://xkcd.com/705/ [xkcd.com] . Some people care more about downtime than others and security people are among the most... paranoid. Also, fear = job security, so :)
    • by Terrasque (796014)

      The first 10 minutes of this video (05:00 to ~10:00 to be exact) gives a pretty good explanation of "cyber" as used here, I think..

    • by Terrasque (796014)

      The first 10 minutes of this video [youtube.com] (05:00 to ~10:00 to be exact) gives a pretty good explanation of "cyber" as used here, I think.. // sorry for double post - closing " missing in first :(

    • I can see a future where government regulated software on everyones machine DDOSs Chinese and Russian targets in retaliation while their utilities, banks and institutions networks are raided, backdoored and looted.
      Who says the morons in Washington didn't gain anything from ANONYMOUS?
      In a perfect world the attacks would be made on spammers and phishers and their ilk.

  • by Anonymous Coward on Monday January 28, 2013 @03:34PM (#42719207)

    So, they put a bug in Russian oil pipeline controlling kit that blows up. They put a virus on Iranian nuclear power testing plants (could have blown up).

    And everything was just "The Next Cyber War Could Be Deadly".

    But now that the USA's banks are being attacked, "ITS THE NEXT 11/9!!!!!!!!!!"

    Fucking drama queens.

  • Rights attack (Score:5, Insightful)

    by JeffSh (71237) <[gro.0m0m] [ta] [todhsalsffej]> on Monday January 28, 2013 @03:35PM (#42719221)

    FUD to steal more of our rights away. "FOR YOUR PROTECTION, we need to monitor everything, sign on the dotted line and everything will be ok. You Can Trust US" MEH.

  • by fredrated (639554) on Monday January 28, 2013 @03:36PM (#42719231) Journal

    After all, what with fiscal responsibility looming, we need all the excuses we can get to keep the war funds flowing.

    • As long as Democrats are opposed to any entitlement cuts and Republicans to any tax increases or defense cuts there is no imminent danger of fiscal responsibility. I prefer a different conspiracy theory. Since exaggerating the danger of physical terrorist attacks worked so well in limiting out physical privacy rights (see TSA, PATRIOT act etc) similar process will work in relieving us of our online privacy as well.

      • As long as Democrats are opposed to any entitlement cuts and Republicans to any tax increases or defense cuts there is no imminent danger of fiscal responsibility.

        Note that if the DoD budget were zeroed, we'd still have a deficit.

        Note, likewise, that if either Medicare or SSA were zeroed, we'd still have a deficit.

        Tax increases? 30% across the board, and we'd still have a deficit. Tweak that so the "rich" pay more? Probably still a deficit, though if you could couple that with a Congress that wouldn't

  • by Anonymous Coward on Monday January 28, 2013 @03:36PM (#42719241)

    Spottswoode: From what I.N.T.E.L.L.I.G.N.C.E has gathered, it would be 9/11 times 100.
    Gary Johnston: 9/11 times a hundred? Jesus, that's...
    Spottswoode: Yes, 91,100.

  • by doubledown00 (2767069) on Monday January 28, 2013 @03:36PM (#42719243)
    If even somewhat true, this is the kind of thing that will usher in a new era of network surveillance and the kind of restrictions that will kill a formerly free Internet. Governments will have much more incentive to get involved in the standards drafting process in order to ensure "proper adherence" to national security "requests" etc.

    I hope I'm wrong, but having seen how people go apeshit with simple "point and click" technologies like guns.......let's see what happens when you get a bunch of old white guys with power trying to lock down things they *truly* don't understand.
    • by sjames (1099)

      Worse, the wall protecting Wall Street from the consequences of it's crimes is showing cracks. A new scary foreign bad guy must be invented fast!

  • Well now... (Score:3, Insightful)

    by maugle (1369813) on Monday January 28, 2013 @03:38PM (#42719257)
    Can't say I'm surprised about how vulnerable our infrastructure is. TheDailyWTF is chock-full of stories about massive security holes in company networks, and the firing of anyone who tries to point them out and get them fixed.
    • TheDailyWTF is chock-full of stories about massive security holes in company networks, and the persecution/prosecution of anyone who tries to point them out and get them fixed.

      There I fixed that for you.

  • by retaj (1020999) on Monday January 28, 2013 @03:48PM (#42719409)
    Begun, the Cyber Wars have.
  • It has begun? (Score:5, Insightful)

    by KermodeBear (738243) on Monday January 28, 2013 @03:49PM (#42719433) Homepage

    What the heck is he smoking? China et al. have been attacking the US through computer systems for decades.

    • by AK Marc (707885)
      And we've been doing the same to them and others. Yes, it's a war. Though in this one, we won't know who started it until the winner changes history to make it clear who we should have been rooting for.
  • by Spectre (1685) on Monday January 28, 2013 @03:52PM (#42719465)

    They are mentioning StuxNet and the like as a threat example? So, the US is in danger of malware created by the US ... perhaps loosing viral code on the world wasn't a good idea.

    "We're finding espionage, advanced persistent threats (APTs), and other malware sitting in networks, often for more than a year before it's ever detected," Martinez says.

    Now, to "protect" ourselves from our government we need to do what ... turn over more information and control to the people that created the problem? Why would I want to give more power to people that have already proven they can't be trusted with it?

    This sounds like nothing more than multi-faceted spin control and manipulation.

    What I hear being said:
    Look, we need a larger budget to monitor this situation.
    And more power to get the information we need without the red tape of actually getting warrants.
    For your protection against what we've done, you should just give us all your info, all the time.

    • by zlives (2009072)

      well... at least its not for the children this time....

    • There are factions within the U.S. Government and they aren't always in coordination. What's more, Stuxnet was probably written by Mossad, not CIA.
    • by slodan (1134883) on Monday January 28, 2013 @05:13PM (#42720431)
      You are exactly right. This column by Glenn Greenwald [guardian.co.uk] is timely, and a far better source than "InfoWorld". Here are some select quotes:

      This massive new expenditure of money is not primarily devoted to defending against cyber-aggressors. The US itself is the world's leading cyber-aggressor. A major purpose of this expansion is to strengthen the US's ability to destroy other nations with cyber-attacks. Indeed, even the Post report notes that a major component of this new expansion is to "conduct offensive computer operations against foreign adversaries".

      As Wired's Ryan Singel wrote: "[McConnell is] talking about changing the internet to make everything anyone does on the net traceable and geo-located so the National Security Agency can pinpoint users and their computers for retaliation."

      Don't forget that McConnell is the chode who got the telecoms retroactively immunized for their participation in the illegal NSA domestic spying program.

  • by Grand Facade (35180) on Monday January 28, 2013 @03:57PM (#42719527)

    Oh! Noz! We need help to keep away the bad hackerz! (terrorists)

    We need money to rebuild our infrastructure and a special prosecutor to chase the bad terrorists.

    (even though they have been wandering around for the last 40 years with their pants down)

  • by gmuslera (3436) on Monday January 28, 2013 @03:59PM (#42719561) Homepage Journal

    Instead of cyber-pearlharbour or cyber-9/11, the right expression should be cyber-normandy. So far the main cyber attacking force comes from US in a lot of fronts, stuxnet/flame (is a nice point to show destructive weapons to scare population without naming that you are the one creating/using them), massive spying on private communications from all the world is being done by US agencies, and intrusive legal initatives are pushed to all governments of the world (SOPA/PIPA/derivates like Spain's Sinde/etc). So far has been a war against freedom, and some of the forces "attacking" US seem to be trying (in a good or bad way) to not lose that freedom.

    Is a war of US against the World, and they put the world in front to make you believe that they are the victims.

  • Seriously? why not just use an article from Fox news and be done with it? Banks get hit by attacks constantly. This is not news.

    Gross mismanagement, corruption and negligence of companies which spend millions of tax dollars and fail to secure basic computing resources (like encrypted laptops)? Now that's something to call attention to.

  • The only thing we have to fear is fear itself.

    Oh: and apparently you can fool enough people all the time.

  • Linux/BSD ...kthxbye (Score:2, Interesting)

    by ilikenwf (1139495)
    This wouldn't happen near as much if every corp, govt, person, and entity otherwise had a hardened multi-layer, stateful packet inspection firewall, with obscurity on the internal network, good policies, and Linux/BSD client machines. I blame Cisco and their crappy software on their great hardware, Microsoft for their substandard OS and applications, and Apple for their elitist "you can't touch this" attitude towards security on their OS.
    • by thoth (7907)

      Well, that's the free market in action. It doesn't optimize for the best results, it optimizes for profit, which may or may not produce a good result as a side effect.
      It was more profitable for companies to ignore security issues.

  • The government has simply decided to call it a War because with the wars on "drugs" and "terror" winding down, they need a new bogeyman to make everyone afraid of so they can get the next big round of taxpayer-funded defense grants.

    Hacking has been going on since the birth of the Internet, and it will keep going on until global warming turns the Earth into a smoldering cinder.

  • Uh huh (Score:3, Insightful)

    by koan (80826) on Monday January 28, 2013 @04:35PM (#42719973)

    Oh look another "war" without a clear enemy or end in sight...

    One that is super simple to avoid you have to wonder why they keep leaving critical infrastructure online.

  • BITS we'll be blown to, all of us, after all.

  • My understanding is that SCADA -- which allows the remote management of a great many infrastructure technologies like power substations and such -- is extremely vulnerable, to the extent that I read there is a manufacturer's back door in many (most?) that is easily determined if you know the mac address of the device, and that the mac addresses are fairly easy to come by.
  • Considering that the private sector considers anything that doesn't "generate revenue" as a massive cost sink, it's no wonder that security and maintenance infrastructure has been gutted to the point where a stiff breeze could send it all crashing down and massive data theft is so common it's no longer newsworthy.
  • The government and/or the powers that be have simply decided to call it a War because with the wars on "drugs" and "terror" winding down, they need a new bogeyman to make everyone afraid of so they can get the next big round of taxpayer-funded defense grants.

    Hacking has been going on since the birth of the Internet, and it will keep going on until global warming turns the Earth into a smoldering cinder.

  • by Scarletdown (886459) on Monday January 28, 2013 @04:48PM (#42720167) Journal

    All in all, this is sounding like just another scare tactic to maintain a perpetual state of war, keeping the public paranoid and distrusting of anyone except our "benevolent leaders" who pretend to be looking after our best interests.

  • In fact, the November 15th United Airlines was a cyber attack. This was a retaliation for the severing of Russian civilian satellite control. In turn, that was a U.S. attack intended to silence Russian (RT.com) claims that the Petraeus scandal was the fall-out of a barely-discovered voting fraud "coup attempt," and that President Obama and Defense Secretary Panetta had fled the United States to Asia immediately after the coup was discovered.
  • by WaffleMonster (969671) on Monday January 28, 2013 @04:51PM (#42720207)

    9/11 comparisons and DoD goons routinely discussing threat from cyber war in terms of parity with nuclear weapons is quite amusing like comparing getting detention with being sent off to a Nazi concentration camp.

    Asserting the age old problem of "espionage" is now "cyber" and dreaming up of doomsday scenarios which leave even braindead zombies asking the obvious question how hard is it really to keep "critical infustructure" off the Internet?

    I have little doubt real intent of this media blitz and TLA warnings are to create an atmosphere conducive to tolerating government overreach. Overreach which cannot possibly work to accomplish better security for anyone.

    If the government really cared about US infustructure being hacked via Internet they would find a legal framework making hacking against every government/public target without any restriction legal by US citizens with some rules against lame attacks (ddos) and intentional non-collateral damage.

    Penalize agencies that get 0wn3d. Make it a huge game (with cash prizes) focus on educational resources to help and encourage hacking. Not only do you get better infustructure you get more knowledgable peeps.

    • I think that people focus too much on "critical" systems and cyber->physical attacks, and not enough on the value of privately held information. My personal information (photographs, writings, etc) are quite valuable to me. The loss of my personal copies of my financial and legal information would cost me a large amount of time to recover. The loss of my purchased media and software would represent a significant financial loss. I take normal steps to protect my information, but I'm sure it is not safe

  • by Anonymous Coward on Monday January 28, 2013 @04:58PM (#42720291)

    I'm a security professional. I work for one of the largest banks in the world, in a role directly involving online security.

    Putting it succinctly, Infoworld is full of shit.

    Yes, there have been attacks. There were also attacks last year. And the year before. And pretty much every year going back to the day somebody first connected a modem to the serial port of a computer with access to the bank's internal network. I have no doubt whatsoever there will be attacks this year, next year, and every year to come.

    This is NOT "Cyber 9-11". Not even fucking CLOSE to it. People fucking DIED on 9-11, including two guys I was friends with in college and used to drink, play videogames, and trade warez with all the time. I think one of them might have even jumped, and had to spend ~40 terrifying seconds deciding whether he'd prefer to be killed instantly, or live an extra millisecond or two in searing pain after getting shredded by the steel and glass atrium feet first.

    It sucks having to tell your boss that there's a distributed denial of service attack in progress, or someone might have compromised an application and harvested usernames or email addresses (but as of yet, no passwords). It doesn't even come CLOSE to sucking as badly as falling a thousand feet to your death, or getting liquefied and burned alive by 400 million tons of flaming concrete.

    Picture sitting at your desk, sipping a latte, checking out the morning's posts on Slashdot, and having a 767 crash into your office at 500mph. A chunk of wing hurls across the floor, tears off your legs, and sends you flying into a column or something solid. You have about a quarter of a second to think, "WTF" before getting engulfed in a fireball and dying more slowly than you'd have otherwise rationally preferred. Now, in that context, try to think of ANY conceivable computer hacking attempt or attack that either keeps people from accessing their accounts or creates fraudulent line items for the forensic bookkeeping team to try and sort out that you'd EVER classify as being worthy of being used in the same sentence as "9-11". Go ahead, I *dare* you.

  • by gmuslera (3436) on Monday January 28, 2013 @05:09PM (#42720391) Homepage Journal

    "We need resources because the war is against us". In real terms, is US the one that is attacking all the others, putting things like they are the victims is intentionally deceptive. The cyberweapons named in the summary (flame/stuxnet) were done and used by US and allies. There are other kinds of cyberattacks going on, like surveillance on everyone [slashdot.org] no matter of country, and pushing laws limiting other countries population (like SOPA, PIPA or derivatives like spain's Sinde law). The motto of this one should be "the war against freedom"

    The main attackers so far mostly are people, not countries, that right or wrong say that fight for their (or our) freedom, and odds are badly against them (unless you are anonymous, you will probably get caught despite international laws, no matter where you are). Is a war, and we all are in the hopeless side of it.

  • During the fall of any great civilization, they tend to burn down the libraries. And what is the Internet, but the largest library on Earth? And who wishes to burn it down, but armed forces?

    I imagine the Library of Alexandria faced a similar problem.

  • Its world cyber war 1, but instead of a dictator intent on conquering the world, like a real war, its a bunch of script kiddys thinking they are clever

    everyone be afraid....be very afraid

  • Gee, let's take EVERYTHING and connect it all on a giant, publicly accessible, open network that spans the entire world using a protocol suite designed in the 70's with no security in mind.

    After that let's stack most everything on top of a protocol intended to serve up static text with some images and links to other text files thrown in. And then shoehorn it into becoming an application delivery platform. And pile kludges 10 layers deep to make it sort of usable.

    Seriously, if you run critical infrastructu

    • "Gee, let's take EVERYTHING and connect it all on a giant, publicly accessible, open network that spans the entire world using a protocol suite designed in the 70's with no security in mind".

      I don't think so, Microsoft was selling Windows NT as the Internet platform for commerce, since at least 1995 ...
      • by ogdenk (712300)

        Judging by your lengthy UID I assume you haven't been in IT very long, you're trolling or trying to be funny....

        TCP/IP has been with us since the late 1970's. Was the primary protocol in use on the Internet from the early 1980's on. Windows NT has also been the least secure enterprise OS in existence. It took a decade for Windows Security to be considered anything but laughable. Now it's just mildly amusing.

        Get off my lawn.

  • by dgharmon (2564621) on Monday January 28, 2013 @08:10PM (#42721877) Homepage
    "The cyber war has seen various attacks around the world, with incidents such as Stuxnet [Windows], Flame [Windows], and Red October[Windows] garnering attention. Some attacks have been against government systems, but increasingly likely to attack civilian entities. U.S. banks and utilities have already been hit [DDOS attacks run from compromised WINDOWS desktops]".

    "Given the malicious actors that are out there and the development of the technology, in my mind, there's little doubt that some adversary is going to attempt a significant cyberattack on the United States at some point"

    Only if you persist in running your infrastructure on that back-doored OS and connected directly to the Internet ...

Between infinite and short there is a big difference. -- G.H. Gonnet

Working...