Thursday, February 09, 2006

Who needs nuclear weapons anymore?

Excluding Iran and the potential of its nuclear program (no country that bans music should have such a power!), perhaps I should rephrase: who can actually use them nowadays, are they just a statement of power, and do flexibility and beneath-the-radar concepts matter? I feel they do.

I just came across a news article from January on a new EMP warhead test, and while there have been speculations or movie plots that Electromagnetic Pulse Weapons could be used by terrorists, I find this a bit of an exaggerated statement that actually seeks further investment in current development of the concept, I guess. I feel that compared to symmetric warfare, asymmetric warfare as a concept has greatly evolved during the years, and in today's interconnected society, military powers could be easily balanced. What else is worth mentioning is the "cooperation" between the parties, which I came across in a report on Nuclear Electromagnetic Pulse, as of June 9, 2005, namely:

"'If we really wanted to hurt you with no fear of retaliation, we would launch an SLBM,' which if it was launched in a submarine at sea, we really would not know for certain where it came from. 'We would launch an SLBM, we would detonate a nuclear weapon high above your country, and we would shut down your power grid and your communications for 6 months or so.' The third-ranking communist was there in the country. His name is Alexander Shurbanov, and he smiled and said, 'And if one weapon would not do it, we have some spares.' I think the number of those spares now is something like 6,000 weapons."

"the Russians had developed weapons that produced 200 kilovolts per meter. Remember, the effects in Hawaii were judged to be the result of five kilovolts per meter. So this is a force about 200 times higher. The Russian generals said that they believed that to be several times higher than the hardening that we had provided for our military platforms that they could resist EMP."

"'Chinese military writings described EMP as the key to victory and described scenarios where EMP is used against U.S. aircraft carriers in the conflict over Taiwan.' So it is not like our potential enemies do not know that this exists. The Soviets had very wide experience with this, and there is a lot of information in the public domain relative to this. 'A survey of worldwide military and scientific literature sponsored by the commission,' that is the commission that wrote this report, 'found widespread knowledge about EMP and its potential military utility including in Taiwan, Israel, Egypt, India, Pakistan, Iran, and North Korea.'"

Still, there's hope for preserving the global state of security instead of fuelling its insecurity:

"In 2004, the EMP Commission met with very senior Russian officers, and we showed that on the sign. They warned that the knowledge and technology to develop what they called super EMP weapons had been transferred to North Korea and that North Korea could probably develop these weapons in the near future, within a few years. The Russian officers said that the threat that would be posed to global security by a North Korean armed with super EMP weapons was, in their view, and I am sure, Mr. Speaker, in your view and mine, unacceptable."

Foreign views of Electromagnetic Pulse (EMP) Attack reveals further details on other nations' ambitions etc. Perhaps one of the most famous commitments towards EMP is the Trestle Electromagnetic Pulse Simulator that can also be seen at Google Maps; still, in my opinion it's a defensive initiative for an offensive purpose :(

Extending the topic even further, the Space Warfare arms race has been an active policy of key world leaders for decades, and that's not good. The U.S., Russia and China as the main players are fuelling the growth in one way or another due to believing in perhaps:

- that the other sides are actively developing such capabilities, and they are, because they think the opposite => arms race
- growing trend towards asymmetric warfare
- cost-effectiveness compared to building a multimillion nuclear submarine as a statement of power?

In my opinion space warfare would directly influence everyone down here on Earth, and scenarios such as:

- hijacking?
- destroying

could become normal. Space is already getting crowded, if I were to forget one of my favourite quotes: "But I guess I'd say if it is just us... seems like an awful waste of space". On the other hand, and with respect to securing critical infrastructure on Earth :) I find recent initiatives such as the Cyber Storm exercise more PR than relevance oriented. My point is, how come you expect to have the critical infrastructure secured, when a global overload in traffic would again deny service, a critical one?

My point is that the Internet, as the most pervasive and cost-effective tool, is often utilized for sensitive commercial, government and military operations alike, so attacking the Internet affects pretty much everyone. Excluding the overall shift towards network-centric warfare and you've got a problem given commercial and public IP networks are used to handle the enormous bandwidth needed for sensitive operations.

To sum up, go through the following War Quotes, and perhaps consider how major problems on Earth stop major innovations in Space. I feel War is not a solution, but an excuse that should never be said! I know this post tried to combine several different issues, but I think given IP is at the bottom line, my readers wouldn't mind :) What's your attitude on Space Warfare arms race? Is it real, and how do you picture the future developments in here?


The War against botnets and DDoS attacks

In one of my previous posts talking about botnet herders I pointed out how experiments tend to dominate, and while botnet protection is still a buzzword, major security vendors are actively working on product line extensions. DDoS attacks are the result of a successful botnet, and so are the root of the problem besides the distributed concept. Techworld is reporting that McAfee is launching a "bot-killing system"; from the article:

"Unlike conventional DDoS detection systems based on the statistical analysis of traffic, the first layer of the new Advanced Botnet Protection (ABP) intrusion prevention system (IPS) uses a proxy to pass or block packet traffic dependent on whether or not it is “complete”."

The best thing is that it's free, the bad thing is that it may give their customers a "false sense of security", that is, while the company is actively working on retaining its current customers, I feel "SYN cookies" and their concept have been around for years. Moreover, using a service provided by a company whose core competencies have nothing to do with DDoS defense can be tricky. Companies worth mentioning are Arbor Networks, and Cisco's solutions, besides the many other alternative and flexible ways of dealing with DDoS attacks.
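How a server can tell a "complete" handshake from a spoofed one without keeping state is the core of SYN cookies. The sketch below is an added example, not code from the original post or from any vendor named here; it uses the commonly described cookie layout (5-bit time counter, 3-bit MSS index, 24-bit keyed hash), with HMAC-SHA256, the key, the MSS table and the addresses as assumptions made for illustration.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-key"   # assumption: real stacks use a random, rotated key
MSS_TABLE = [536, 1220, 1440, 1460, 4312, 8960]   # illustrative values, index fits 3 bits
SLOT_SECONDS = 64                  # the time counter advances once per slot


def _mac24(conn, counter):
    """24-bit keyed hash over the connection 4-tuple and the time counter."""
    msg = "|".join(map(str, conn)).encode() + counter.to_bytes(8, "big")
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:3]


def make_cookie(conn, client_mss, now):
    """Build the 32-bit sequence number for the SYN-ACK; no per-connection state is kept."""
    counter = int(now) // SLOT_SECONDS
    # Largest table entry not exceeding the client's MSS (index 0 if none fits).
    idx = max((i for i, v in enumerate(MSS_TABLE) if v <= client_mss), default=0)
    return ((counter % 32) << 27) | (idx << 24) | int.from_bytes(_mac24(conn, counter), "big")


def check_cookie(conn, ack_number, now):
    """Return the negotiated MSS if the final ACK proves a completed handshake, else None."""
    cookie = (ack_number - 1) & 0xFFFFFFFF
    t5, idx, mac = cookie >> 27, (cookie >> 24) & 0x7, (cookie & 0xFFFFFF).to_bytes(3, "big")
    if idx >= len(MSS_TABLE):
        return None
    current = int(now) // SLOT_SECONDS
    for counter in (current, current - 1):      # only the current and previous slot are accepted
        if counter >= 0 and counter % 32 == t5 and hmac.compare_digest(_mac24(conn, counter), mac):
            return MSS_TABLE[idx]
    return None


if __name__ == "__main__":
    conn = ("198.51.100.7", 40000, "203.0.113.10", 80)   # constructed 4-tuple (documentation IPs)
    isn = make_cookie(conn, 1460, now=1_000_000)
    print("real client ACK :", check_cookie(conn, isn + 1, now=1_000_010))
    print("spoofed ACK     :", check_cookie(conn, 12346, now=1_000_010))
```

A source that never received the SYN-ACK cannot produce a valid acknowledgment number, so spoofed SYNs consume no memory on the server or proxy; only a client that answers from its real address gets a connection.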

In my research on the Future trends of Malware, I pointed out some of the trends related to botnets and DDoS attacks, namely, DDoS extortion, DDoS on demand/hire, and with the first legally prosecuted case of offering botnet access on demand, it's a clear indication of where things are going. Defense against frontal attacks isn't cost-effective given that at the bottom line the costs to maintain the site outpace the revenues generated for the time, hard dollars disappear, soft ones as reputation remain the same.

My advice is to take into consideration the possibility to outsource your problem, and stay away from product line extensions, and I think it's that very simple. A differentiated service on fighting infected nodes is being offered by Sophos, namely the Zombie Alert, which makes me wonder why the majority of AV vendors besides them haven't come up with an alternative given the data their sensor networks are able to collect? Moreover, should such a service be free, would it end up as a licensed extension to be included within the majority of security solutions, and can motivated system administrators successfully detect, block, and isolate zombie traffic going out of the network (I think yes!)?

As far as botnets are concerned, there were even speculations on using "Skype to control botnets"; now who would want to do that, and for what reason, given the current approaches for controlling botnets? Isn't the use of cryptography or security through obscurity ("talkative bots", stripping IRCds) the logical "evolution" in here?

Something else worth mentioning is the trend of how DoS attacks got totally replaced by DDoS ones; my point is that the first can be a much more sneaky one and easily go beneath the radar, compared to a large scale DDoS attack. A single packet can be worth more than an entire botnet's population, isn't it?

How do you think DDoS attacks should be prevented, active defense such as the solutions mentioned, or proactive solutions? What do you think?
