Tweeting About Cyberwar and Other Ridiculous Ideas

Tuesday, June 19, 2012

Infosec Island Admin


The “Benefits” of Cyber War?

Something has been sticking in my craw lately and, like a grain of sand in the gullet of an oyster, it has finally matured into a pearl of…

Well, not wisdom as much as bilious hate, but I do hope that it does enlighten some and denounce others for their vulgar stupidity.

As you can see from the image below, the grain of sand that started this came from our pal Richard Bejtlich over at Mandiant.

I have often found his diatribes to be products of the “echo chamber of secrets” that he lives in, but now it seems that his pathology is beacon-ing straight out of his nether regions and leaking onto his Twitter feed… and it seems he is fresh out of depends undergarments.

The quote on the “benefits” of cyber-war is completely out of whack and I would like to point you all in the direction of the fallacy of his train of thought. Richard, it’s not about how many are alive today because we used a stalling tactic cum sabotage against their nuclear program, it’s about us actually doing this and opening Pandora’s box on ALL of us because we did so without really thinking about it.

THAT’s the issue you fail to grasp and it is something that you and many more like you in the “establishment” fail to get. So, no, we did not bomb the facility, but neither did we forestall the Iranian efforts to the point of dissuading them from carrying on, nor actually conceive of the idea that they would redouble their efforts post the attack.

We poked the badger and now it’s pissed AND has the same weapon we used on them to RE-USE against us. Nice.

Of course, I am not advocating the idea that this type of activity should just be verboten and that we should eschew such things. No, I agree in the use of the technology and the ends that we had in mind. No, what I disagree with now is that it’s being used as a cudgel in an election cycle and has turned into a FUD parade bigger than any ever seen before.

It seems that the movers and shakers out there in Washington got new toys that they just had to play with and then brag about, at least that’s my perception. Of course then they have their rah rah guys like ol’ Tao here saying something to the effect that it’s a clean and precise warfare.

No, it’s not.

Tell That To The Iranian Physicists and Their Families

So Rich, how many lives were saved? How many were lost here should be the question. I can remember at least 3 Iranian scientists who went kaboom during and after the Stuxnet attacks. I also know I have heard of other people, including CIA assets that are missing and presumed killed who may also have had something to do with the operation in Natanz. So, it’s not really a clean warfare is it?

In fact, lets expand on this and think about the FUD factors being talked about in the Congress and in general where “Cyber-War” is concerned. The fear is that when the shit goes down because someone inserted a worm into say the grid, then people start dying. Sure, they would likely be people in hospitals who are really sick, aka the sick and the aged, but hey, those are just collateral damages right?

No war is clean, no war is precise, and as we are seeing from all accounts even with drones, there will ALWAYS be collateral damage. So don’t blow sunshine up our collective asses on this one Richard. The fact is, this one could be really bad for many people if the situations are right and, by my estimation, will always have some portion of actual deaths attached to them because of blowback.

Of course, all of this talk depends on whether or not you buy into the idea of this activity actually being “war’ in the traditional sense of the word. Like I said before, we are not even sure what “cyber-war” is nor have we really created rules and doctrine around it. So, let’s not go and minimize the issue by saying “gee, look how many lives we saved by not bombing the shit out of them!”

The effects of the sabotage politically as well as what reprisals Iran might be thinking about or acting upon are not fully realized yet so it’s a bit early to start the spin there Rich.

Monkeys With Digital Guns

I have said this before and I am saying it again, we are just monkeys with digital guns. Fools with tools really. I am afraid of the level of hubris here and frankly feel that it’s almost time to just become a Luddite. At least Luddites won’t be compromised by their toasters because China made malware to p0wn us all.

I really feel like Taylor, standing before the wreckage of the Statue of Liberty, yelling as Nova looks on like “Holy WTF?”


How about we all take a step back and ponder what we have done? Lets look at the repercussions as well as the current state of our own systems before we move ahead at full steam?

What? The Pentagon is advertising for black hats?

Well, guess time will tell what the first “great cyberwar” will bring. Could be a lot of nothing... Could be some indigestion… Could be a collective fart… Much like the fart that I consider the tweet that started this whole diatribe. Start digging your trenches kids, the digital mustard gas is next.


Cross-posted from Krypt3ia

Possibly Related Articles:
malware Government Iran Military Cyberwar Attacks Stuxnet FUD cyber weapon
Post Rating I Like this!
Ali-Reza Anghaie Well done.

Additionally the environment this further "justifies" is the Nation-State further isolationist stance full of false protection promises. That has the ripple that we've already seen well in Terrorism these past seven decades. So instead of closing the information and technology Gap we're wedging another block.

That has consequences that lead to skirmishes and lives lost. Make no mistake about it.

The whole problem is we weren't ready for something we needed to do and we put all of our "response" eggs in one basket. The rush to over-build this area neglects everything else.

If we were going to do and admit to this - it needed to be a much more overwhelming asymmetric blow that wasn't followed by years of hedging and hand-wringing.

It's about tactical roadmap and timing, people mistake detraction as some pacifist desire. And we're nowhere close to being pacifists. -Ali
Michael Johnson Ali, most professionals with an ounce of sense are the pacifists. They know the Internet has serious issues with security, and the only practical way of resolving this is to secure networks against whatever real threats they face. Most governments appear to recognise this already.

What is the 'Pandora's Box' Kryp3ia refers to? It's that some idiots in authority see fit to distribute malware, attempt to wedge the Internet into some Law of Armed Conflict (square pegs and round holes, and all that) and do various other things that actually degrade the security of the Internet, and then use a load of apocalyptic science fiction BS to justify it. Doesn't make them look too good, does it?
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.