Getting to source of cyber attacks

US Navy 070604-N-8497H-030 Director of Global ...Image via Wikipedia
Bill Gertz:

Military cyberwarriors are building up efforts to pinpoint the sources of foreign computer break-ins on U.S. networks and will need to demonstrate a major computer attack capability in the future to deter increasingly sophisticated threats, according to the outgoing commander of the U.S. Strategic Command.

...

On tracking the source of computer attacks, a process the military calls “attribution,” Gen. Chilton said the military is improving its capability to locate the sources of electronic attacks, a key first step in defending systems and conducting offensive cyber-attacks.

“Attribution is more difficult in this domain but it’s not impossible,” he told The Washington Times. “And you have to work that problem, but we are getting better.”

Knowing the source of a cyber-attack is critical for defenses “so you know where the attack is either mounting or coming from,” he said.

“But also, if we’re ever going to extend the notion of deterrence — deterring an attack in cyberspace — one of the fundamental elements in being able to deter somebody is to be able to convince them that you can attribute them as the source of the attack.”

Gen. Chilton said deterring cyber-attacks before they are carried out, either by nations or criminals, requires demonstrating a “credible threat” from the U.S. military that would force all attackers to think before acting.

“If we elect to use cybercapability to deter — and you don’t necessarily have to, you can use something else to deter bad cyberbehavior — [but] if we’re going to use cybercapabilities to deter, that’s going to beg for some demonstration of that capability,” he said.

Gen. Chilton did not answer when asked whether U.S. cyberforces, under the Stratcom subcommand called U.S. Cyber Command, could have attacked WikiLeaks to prevent the anti-secrecy website from disclosing thousands of stolen classified U.S. documents.

“There’s no plans for anything that would demonstrate a [cyber-attack] capability at this time,” he said. “But I think, if we’re going to think about deterrence, which we do at Stratcom, these are the kinds of challenges for the future for us.”

...
When I first started asking experts about finding the source of an attack, I was told it was impossible. We know that our capability to find the sources of attacks have improved because Google was able to trace back the attacks on its Chinese system. I think we can assume that the government also has that capability.

In terms of a defense against hackers, I think a worm that plants itself in the source computer and keeps working its way back would be an ideal deterrent.
Enhanced by Zemanta

Comments

Popular posts from this blog

Should Republicans go ahead and add Supreme Court Justices to head off Democrats

29 % of companies say they are unlikely to keep insurance after Obamacare

Bin Laden's concern about Zarqawi's remains