Wednesday

Botnets as machines of War



Ok, this doesn't sound like a good idea. Has the internet become the Army's new playground?

While most government agencies are struggling to keep their computers out of the latest Russian botnets, Col. Charles W. Williamson III is proposing that the Air Force build its own zombie network, so it can launch distributed denial of service attacks on foreign enemies.

In the most lunatic idea to come out of the military since the gay bomb, Williamson writes in the Armed Forces Journal that the Air Force should deliberately install DDoS code on its unclassified computers, as well as civilian government machines. He even wants to rescue old machines from the junk bin to enlist in the .mil botnet army.

The U.S. would not, and need not, infect unwitting computers as zombies. We can build enough power over time from our own resources.

Rob Kaufman, of the Air Force Information Operations Center, suggests mounting botnet code on the Air Force’s high-speed intrusion-detection systems. Defensively, that allows a quick response by directly linking our counterattack to the system that detects an incoming attack. The systems also have enough processing speed and communication capacity to handle large amounts of traffic.

Read the full article at wired.com.

Directly linking a counterattack to the system that detects an incoming attack? Spoofing, anyone? Well, this seems like a kind of last-resort attack, because our economy and society depend on the Internet. They must realize that when launching this attack against an attacker, all the networks in between will be affected (or maybe someone needs to tell him).

If I remember correctly, stealing/gathering information from the enemy, spreading misleading information to the enemy or even making information unavailable are some cornerstones of Information Warfare doctrine. The five core capabilities of Psychological Operations (PSYOP), Military Deception (MILDEC), Operations Security (OPSEC), Electronic Warfare (EW), and Computer Network Operations (CNO) form the foundation for IO (Information Operations). I must re-read some of that stuff. Ddanchev has some very good articles on PSYOP.

This might help: The Information Warfare Site. You might find some documents like:

Information Operations Primer [PDF, 1.9 MB], US Army War College, November 2006

Information Operations and Asymmetric Warfare…Are We Ready? by LTC LaWarren V. Patterson, Strategy Research Project, April 2002

Staying on the same topic: Recently there was a cyberwar game where the NSA targeted different military schools (wired.com).

For four days in late April, the National Security Agency -- the nation's most secretive repository of spooks, snoops and electronic eavesdroppers -- directed coordinated assaults on custom-built networks at seven of the nation's military academies, including West Point, the Army university 50 miles north of New York City.

It was all part of the seventh annual Cyber Defense Exercise, a training event for future military IT specialists. The exercise offered a rare window into the NSA's toolkit for infiltrating, corrupting or destroying computer networks.

The 34 Army cadets comprising the West Point IT team operated in a different kind of battlefield, but their combat skills and instincts need to be every bit as sharp. Like George Washington said: "There is nothing so likely to produce peace as to be well prepared to meet the enemy."

The SQL injections, targeting their Fedora Core 8 Web server, were a piece of cake for these IT combatants. Each injection tried to smuggle malicious code inside the seemingly harmless language used by the network’s MySQL software. The cadets handily defended with open source Apache web server modules, plus some manual tweaking of the SQL database to "avoid any surprises," in the words of Lt Col. Joe Adams, a West Point instructor who helped coach the team.
