[Infowarrior] - Cyber B52 strikes mooted as response to Chinese infowar

[Richard Forno]

"We cannot allow.....there to be....a mine-shaft gap!!"    (Sorry,  
couldn't resist!)   --rf


Original URL: http://www.theregister.co.uk/2008/06/06/china_infowar_response/

Cyber B52 strikes mooted as response to Chinese infowar
By George Smith, Dick Destiny
Published Friday 6th June 2008 11:44 GMT

"I have watched this thing grow... to the incredible proportions it  
has reached today. I have studied the facts ... facts, and by  
projecting the statistics I realized the time has come to act. I  
realized I had to act before the entire will and vitality of the free  
Western world was sapped and polluted and made rancid... The  
absolutely fantastic thing is that the facts are all there for anyone  
who wants to see them."

Are they the words of some expert ranting about Chinese hackers  
causing blackouts in the US? Or just your author being tricky, lifting  
a quote from General Jack D Ripper in Peter George's script for Dr.  
Strangelove.

While it looks obvious here, the mixed nuts are harder to discern in  
the mainstream news. CNN put an "expert" named Gordon Chang on  
primetime on the 29th. If you were in the States and watching you  
learned Chinese cybermen had been having a field day, inflicting a  
digital Pearl Harbor on the country, not once, but twice.

CNN's Pentagon correspondent, Jamie McIntyre, was puzzled: "This term  
cyber warfare sounds kind of, you know amorphous, kind of hard to get  
your hands around it..."

Fifteen minutes later, Chang, author of an unintentionally hilariously  
entitled book called The Coming Collapse of China vaguely informed the  
news network, "Well, they say that two of those were really the  
Chinese caused blackouts in the United States, one in 2003 and the  
other..."

For Chang, "they" were a couple of chatterers from the press, more  
specifically, an article in the National Journal, a publication nobody  
but Congressional staffers and producers and editors of news  
organizations in Washington, DC, reads. (We'll get to it briefly in a  
moment.)

"We've always knows that our civilian networks, which are not  
protected as well as the defense ones, can be taken down, but we never  
really had a demonstration that it could, indeed, actually happen  
until a couple of years ago," continued Chang.
Pick a scare, any scare

The news story demonstrated one common feature of all stories on  
cyberwar. You can say anything you wish and not suffer a beatdown. The  
most remarkable, even ludicrous, things can be claimed. Once on paper,  
it's fair to discuss such things as if they had the reality of a piece  
of granite.

Since the Chinese had been causing blackouts, Chang reasoned the US  
government ought to show some backbone and give them a talking to.  
Angela Merkel of Germany had shown it. She had told off the Chinese  
premier, it was claimed. But Defense Secretary Bob Gates was not so  
bold. Gates had even had his e-mail hacked by the Chinese, claimed  
Chang.

But back to the National Journal. It had published an article entitled  
"China's Cyber Militia," (http://www.nationaljournal.com/njmagazine/cs_20080531_6948.php 
) one which fueled the paranoia of Dr. Strangelove crazies. The facts  
were all there for everyone to see, implied the magazine, and the  
Chinese "had possibly triggered two recent and widespread blackouts in  
Florida and the Northeast, according to U.S. government officials and  
computer-security experts."

"Officially, the blackout was attributed to a variety of factors, none  
of which involved foreign intervention," reported the magazine. And  
then came the procession of private sector consultants, stating things  
were otherwise. The magazine's report was lengthy, working through the  
logic that the truth of a thing is determined by the number of  
Americans who can be found to assert it. In another manner of  
speaking, if one can fill a room with bull, hearsay and gossip,  
there's always a magic tipping point where it transforms into fact,  
like lead turns into gold when touched by the Philosopher’s Stone in  
alchemy.

To spend too much time arguing details is to be drawn into the  
deranged world of the American way of threat description. Absence of  
proof is not proof of absence, goes the slogan, and before you know  
it, you're off to war.

But long-time readers know how the cyberwar game has played for close  
to a decade.

By way of example, in November of 1999 the Washington Times published  
a front page story entitled "China Plots Winning Role in Cyberspace."

The hypothetical scenario of catastrophe was produced.

"China could launch a devastating computer-run sabotage operation by  
attacking U.S. oil refineries, many of which are grouped closely  
together in areas of Texas, New Jersey and California... A [Chinese]  
computer attacker could penetrate the electronic 'gate' that controls  
refinery operations and cause fires or toxic chemical spills," it was  
said.

For close to ten years, there has been a constant parade of characters  
peddling this manner of paranoid threat-assessment. Older names like  
John Hamre, Richard Clarke, James Adams or Michael Vatis have drifted  
away, replaced by younger characters, functionally equivalent. It has  
always been apparent that many were and are involved in a process  
which included fear-mongering and shakedowns for funding. It was a  
bipartisan activity, a constant small collective of experts and  
officials more accurately, if impolitely, described as mischief-makers  
and eccentrics massaging a part of the government/private sector  
security collaborative. The mainstream media has generally been a  
compliant enabler of them.

But what if in the space of ten years, it has just been a coincidence  
that we've been plagued by whispering pests from the professional doom  
industry? What if China actually has stolen a march and made fantasy  
into reality? Let's conduct a thought excursion and pretend it's all  
real, every last word, and the infrastructure is in danger of being  
torched, the lights turned out.
The cyber bomber gap

What would the United States do? Start carpet-bombing? Carpet-bombing,  
in this case, means having a force of cybermen and their own vast  
military botnet to launch DDOS attacks.

In "Carpet-bombing in Cyberspace," an article from the Armed Forces  
Journal, (http://www.armedforcesjournal.com/2008/05/3375884) Col.  
Charles W. Williamson III writes "America needs the ability to carpet  
bomb in cyberspace to create the deterrent we lack."

There is a carpet-bombing gap in cyberspace, it is said. "We are in [a  
new arms race] and we are losing," asserts Williamson. China has the  
greatest capability for cyber carpet-bombing because "analysts think  
China has the world’s largest denial-of-service capability."

The US can offset this by investing in its own military botnet, sort  
of like not allowing the Russkis to take the lead in mineshaft digging  
in Dr. Strangelove.

When it comes to carpet-bombing a foreign country's cyberspatial  
infrastructure, the proper intelligence will be important, reasons  
Williamson. But no capability should be particularly restricted by  
details. If the US blows some puny country off the Internet and it  
turns out that their computers were only being used by others, the  
retaliation will have had, in any case, a warning effect. After all, a  
weapon has no deterrence if you keep it a secret. And besides, they'll  
probably have had it coming.

"Brute force has an elegance all its own," the man says.

Script fragment from a hypothetical remake of Strangelove: "Now, if we  
can speak freely, sirs, we think the Chinese flash a big game but,  
frankly, they're short on know-how. You can't take a bunch of ignorant  
peasants and expect them to understand a machine like one of our boys.  
If you see one of our cybermen from the Air Force - their slogan's  
"Above All" - they're really sharp. They'll barrel our DDOS attack in  
so low, you've just got to see it sometime!" (Manic stare, chomps  
cigar) ®

George Smith is a senior fellow at GlobalSecurity.org, a defense  
affairs think tank and public information group. At Dick Destiny (http://www.dickdestiny.com/blog/dickdestiny.html 
), he blogs his way through chemical, biological, and nuclear terror  
hysteria, often by way of the contents of neighbourhood hardware stores.