There was lots of good discussion last time about cyber warfare, cyber security, and U.S. policy, but what most respondents seemed to miss was the international nature of the IT business — all the outsourcing and offshoring that we were told was so great — and its implications for U.S. security. The upshot is that any U.S. cyber warfare czar will have to effectively function as a WORLD cyber warfare czar, a fact that neither Republican nor Democratic Administrations have yet been willing to embrace, at least in public.
Forget for the moment about data incursions within the DC beltway, what happens when Pakistan takes down the Internet in India? Here we have technologically sophisticated regional rivals who have gone to war periodically for six decades. There will be more wars between these two. And to think that Pakistan or India are incapable or unlikely to take such action against the Internet is simply naive. The next time these two nations fight YOU KNOW there will be a cyber component to that war.
And with what effect on the U.S.? It will go far beyond nuking customer support for nearly every bank and PC company, though that’s sure to happen. A strategic component of any such attack would be to hobble tech services in both economies by destroying source code repositories. And an interesting aspect of destroying such repositories — in Third World countries OR in the U.S. — is that the logical bet is to destroy them all without regard to what they contain, which for the most part negates any effort to obscure those contents.
You can have 1000 safe deposit boxes with only three holding anything of real value, but that obfuscation is meaningless if the target is ALL safety deposit boxes.
To this point cyber security conferences tend to concentrate on intelligence (probing attacks to learn about a potential enemy, gather information and map defenses) and tactical deployment (using that intelligence information to blind, disable, or defend some network resources in what’s usually perceived as an encounter lasting hours). There is little to no regard for strategic use of cyber warfare as in the India-Pakistan example or the nuking of source code libraries. We don’t talk about it because it is too horrific, not because it can’t happen.
The result, of course, is that any major power has to be concerned about the cyber security of all its technology partners, which over the last decade has come to include a lot of Third World nations. Try to do a security audit of Argentina or Bangladesh and see what nightmare is unveiled. Yet this is exactly where major international companies are deploying more and more technical resources.
The military answer of course is to isolate network traffic, as many readers have suggested. But how do you enforce that in other countries? And how effective is it at all against a strategic attack on essentially commercial resources? Not very.
This is not a battle but a war and wars take a long time to prepare for and wage. As readers have pointed out we’re not just concerned with malware and viruses but even hardware-based attacks. Who knows if that flash memory from Malaysia or that router card from Taiwan is compromised? Who CAN know? And if you’ve found one hardware exploit in a product does that mean you’ve found all that are there? Hardly.
One point of view is that this makes both old tech and traditional firepower more valuable. Analog systems, for example, are unlikely to be compromised by digital exploits. And 2000-pound bombs are a pretty darned effective response to a cyber attack IF you can clearly identify the attacker and figure out where to drop the bombs. Both effects tend to neutralize the effect of advanced systems, making Syria a more effective opponent against Israel, AND push superpowers toward brandishing their biggest guns — nuclear weapons.
So cyber warfare is internationally destabilizing in whole new ways with the world being dramatically less safe as a result. This works mainly to the advantage of the bad guys.
Then there’s the Code God Effect — the potential strategic impact of a single programmer with commanding skills. That very guy or gal who typically is the creative heart of an entire company (but they never admit it) because he is the equivalent of 100 average coders can be the secret weapon in a cyber war, too. And the distribution of such megabrains is random enough that to say one or more aren’t working right now in North Korea would be a bad bet — one that a nation like the United States would be unwise to make.
We see the Code God Effect happening right now with publicized Chinese Internet incursions and those are just amateurs: the real damage is being done by much more skillful players we have yet to even detect.
What this means for any major power is that they aren’t as powerful as they think they are and that power is even less across borders. There isn’t a U.S. agency I know of — ANY agency — that is prepared to win such a war against a clever and determined opponent of almost any size.
If the game is U.S. versus Albania, who wins? I don’t know.
We need new tools and new weapons. We need to find ways of changing the battlefield to negate opponents (this is HUGE), not just shooting back. We need leadership that understands this. Maybe President Obama understands it, maybe not. He hasn’t demonstrated yet that he does, at least not to me.
Let’s hope that’s just part of an incredibly clever master plan.
Yeah, right.
New weapons? To control? Sounds Orwellian. Maybe we have really just lost our way in the war of ideas. Perhaps the G8 nations or the powers that be have lost the war of idea(l)s with their arrogance in bombs and money. People all over the world need a reason to fight, kill and disrupt social order. Those reasons are usually due to bad governance and greedy, controlling people in powerful positions.
I don’t think we will be able to keep smart people (the Code Gods) from doing socially disruptive things as long as powerful people and organizations keep doing unjust and inhumane things to their friends and family.
This may be simplistic. But perhaps we need to develop more social control of multinational corporations, because right now there is very little accountability for them and their minions in governments. Maybe some Orwellian tactics used on them instead of the multitude of users on the internet. Perhaps we need better judicial systems. Perhaps I’m just dreaming.
Corporations have been hiding behind their “corporate personhood” for over a century. More recently, executives have been hiding behind the corporations they manage in order to plunder them and then resell the husk for pennies on the dollar to cronies.
How is this compatible with democracy or justice?
OK I followed the advice at the top of the colum and I’m trying to be the first to comment. Now I’ll have to read the column.
“(…) over the last decade has come to include a lot of Third World nations. Try to do a security audit of Argentina or Bangladesh”
Argentina a Third World nation ? Even if Argentina isn’t anymore one of the wealthiest countries in the world (as it used to be), it is an upper-middle income country.
Once again, an American shows how little he knows about the rest of the world….
The International Monetary Fund in 2009 classifies Argentina as a “developing” economy. That and it’s presence in South America qualify Argentina as an unambiguous member of the Third World.
I think picking Argentina was a very poor choice “developing” or not — your point could have been made using some other country (or not picking a country at all). Argentina does quite well in both traditional measures (such as GDP) and more modern measures (such as HDI). E.g. it does about as well as Norway in the first case and substantially better than Saudi Arabia or Brazil in the second case.
Robert,
The Argentinians have egos that know no boundaries.
How does an Argentinian commit suicide? He just jumps off his ego.
Cheers,
Gerardo.
típico argentino… ¡aceptación, “ché”!
… and of course Pascal has done a security audit of Argentina and
the Bang, so he knows. The Cringe could have named any country, don’t be and S.
Besides he isn’t an American…. he’s a Valley Boy.
There’s many aspiring Code Gods in some developing countries hosting US/Euro IT outsourcing. They spend all their time systematically learning the ins and outs of ancient mainframe codebases, including how to further obfuscate it with seemingly incompetently-designed changes so even the retrenched former Code Gods in the US won’t be able to understand it easily. They will then coordinate sudden large pay rise demands, which will include relocation with green card to the US, with not only their own families but also their uncles’ nephews. Saving on this cost was the very reason the systems were outsourced in the first place, wasn’t it?
Thoughts:
North Korea appears to my admittedly limited world view a bad choice for locating a code outlier. All the talent in the world might make up for a lack of education but I think it far more likely that said person would have left North Korea… and since N. Korea is what it is we might ask where they would go or how they would get out but my guess for both questions is the Chinese organized crime underworld.
This brings me to me next thought, haven’t we realized that by focusing on nation states we’re ignoring reality. Crime syndicates are at least as big as some nation states economically and increasingly far more sophisticated. Let me recommend a book: “McMafia” by Misha Glenny as germane to this topic. If US v Albania is a toss up what does that say about a US v Mob dust up?
Code repositories really? I would think that companies would have a policy of regularly making hard copies ie. burn a disc. of at least the head of the code tree. Every company I’ve worked with has done this periodically to cover their backsides in case of a “who invented what when” legal squabble. Online banking and utilities (can a script cancel your electric service?) look as vulnerable and perhaps of potentially greater impact to me. No, an attack will more likely poison code repositories and bank backups rather than erase them.
Finally, who cares about doing a security audit of a third world country when we can’t even get people right here in the home office to use strong passwords. Security is a cultural thing. It is also a very abstract idea that is hard for our hunter gatherer brains to grapple with. Yes, we need to start making computer literacy a priority in school and I do not learning mean how to use powerpoint. Yes, this is going to take time and while we are vulnerable now, education is firmly in the hands of petty local bureaucrats so this solution is a long way off.
The best thing I can see them doing is getting our governments house in order so that their are no bot nets run on government pc’s, ensure that backups are done properly, ensure that redundant systems are in place and that there exists a recovery plan. I’m not sure anyone appreciates how great a stride forward these goals are. Still I have a feeling that if we don’t put our house in order while going around demanding that other countries do something about cybercrime, we’re going to get laughed out of the room.
See here for a look at how ‘culture’ has been used in an academic information security context: https://www.business.uts.edu.au/management/workingpapers/files/Oost2007.pdf
Sometimes a little simplistically..
This is a made up problem. It doesn’t exist.
Code libraries are backed up. Any damage to them would be temporary. You can frustrate internet users with denial of service attacks, but it’s an inconvenience at most. If we can’t buy useless crap at Amazon, we’ll buy it somewhere else for a short time. The military doesn’t have anything of critical importance on the internet.
This column is even more shrill and useless than the Y2K cry babying that never amounted to anything. Bob and his opinions are just weak attempts at fear mongering so he can weasel some consulting gig.
I tend to agree with this sentiment regarding source code. I don’t know any coders that have come to point of not having backups of their work apart from central repositories. Many programmers don’t even use source control repositories, but depend on their own backups and working directories. Of course there is a risk of having source code lost over the years, but often that matters little as the new contractor will use/develop their own code.
I consider the greater risk being that repositories could be compromised and their contents leaked. But this seems to be the scenario that Mr. Cringely is downplaying in favor of the private information on the public internet being wiped en masse.
The latest in drug smuggling technology (originally envisioned and lampooned by Berke Breathed in his Bloom County illegal cat sweat hair tonic storyline) could very well be the next terrorist nightmare. Imagine these babies floating into the ports of Houston, Los Angeles, Charleston, Philadelphia and New York one fine summer day, each containing a three to four man crew and an explosive device, nuclear, biological or conventional.
“any U.S. cyber warfare czar will have to effectively function as a WORLD cyber warfare czar”
Ah! That good old American arrogance!
Get over yourself.
The term “world Czar” is appropriate because US comerical interests have been diversified into many different countries. To defend the economic and political security of the US, the US has to look beyond the security of it’s own borders. But then that is hardly new is it?
David
That was my first reaction. But really Cringely is taking a world view that is contrary to the current stance that Congress and the Whitehouse are taking. They seem to think that a “Cyber Czar” (or Cyber Policy Coordinator) can in some way “protect the Internets”. Of course that is ludicrous since, as Cringely points out the US does not own the Internet.
[…] Cringely thinks it through. There was lots of good discussion last time about cyber warfare, cyber security, and U.S. policy, but what most respondents seemed to miss was the international nature of the IT business — all the outsourcing and offshoring that we were told was so great — and its implications for U.S. security. The upshot is that any U.S. cyber warfare czar will have to effectively function as a WORLD cyber warfare czar, a fact that neither Republican nor Democratic Administrations have yet been willing to embrace, at least in public. […]
Dear Bob, it sounds much like Y2K Bug prophecies. Do you really think these issues were ignored?!. Don’t forget who initiated the research that preceded the creation of the internet!
Embedded software is a pain indeed and it’s used for decades with eyes wide open and
proper measures are taken.
Anyway, if you meant that the “civilian”‘ world is in danger then you are probably right, although not so much because of ignorance but rather economical reasons. If you check carefully the vital public services, you’ll notice that they are pretty much protected or at least recoverable from cyber attacks.
True, there should be concerns and national policy should be devised in the USA and elsewere
but let’s not panic.
The most vulnerable resources are the public ones which are part of the global network, the same network that our enemies are using !!
Lots of comments focus on narrow ideas or betray some America hating obsession and in the process miss the point.
My personal favorite is the first comment from Dave Wesely who seems to think that if only the US and multinational corporations would dispense with their own interests and withdraw all of their cruel injustices, then there would be no motive for anyone to be a bad actor. As if greed, avarice, and corruption where the sole monopoly of the already powerful. Never mind that some God-hack in China or North Korea might be coding to disrupt ‘the social order’ in the US out of nationalistic fervor. You won’t catch on leafing through your back issues of Mondo 2000 that smart hackers no longer exclusively align to a vague anarcho-libertarian code that they did in the golden 80’s and 90’s.
What I take from Bob’s article is that the threat is so pervasive and multidimensional that we, as a culture, government, and corporations have not begun to take steps to address it. As every aspect of our lives becomes more deeply entrenched into information systems, the problem, and its potential as a force multiplier only gets worse. I suspect things will continue in this way until something very bad happens. The article raises real concerns and is modest on solutions over the very size of the problem. This won’t be the end of our society, but it will cost us dearly.
David
David,
You’re right about my post, it was rather snarky. But I think you missed my point. And my point is basically the same as yours – nothing’s going to change. Unless something really bad happens. My point is that hopefully the change will involve a better system of checks and balances as part of the solution. As opposed to more oppression of freedom of speech and ideas. Oh, and greed, avarice and corruption are not the sole monopoly of the powerful, they are just better positioned to use it.
Cheers:)
Sure, but I think if we close down the public internet everything should be good. /sarcasm
I’m not saying it is not an issue but I do think it could be overstated and used inappropriately.
Besides, I believe uncle sam has a pretty good handle on his big brother machine.
http://gizmodo.com/5281357/obama-administration-adds-renowned-hacker-to-homeland-security-advisory-council
I discussed good practices in the comments to Bob’s previous column. I am going to repeat the theme, this time with a different twist.
Lets suppose a bad person gets into your computer system or on your network, what is the worst that can happen? If something bad was happening to your systems or on your network, how would you find out? Behind questions like this is a basic “Murphy’s Law” mindset — “Anything that can go wrong will go wrong.” This mindset has served the Engineering profession well for many decades. You rarely see it used in information technology. This mindset should guide the design of information technology networks and system design. It should lead you to:
* Isolate and protect your critical data and applications. Under no circumstances should your business and customer data be exposed to or accessible from the Internet.
* Be able to quickly detect and react to problems. Any attempt to download large amounts of business data should set off alarms! If your customer service reps access no more than 100 records a day, then anyone accessing more than 150 records should get attention.
* Anticipate failure (or intrusion) and have a means to operate despite it. If the internet disappeared tomorrow, could your business continue to operate?
* Have a robust means to restore systems and data. No one should be able to delete your business records or source code, let alone do it permanently. Assuming they could get into your system, can you undo their damage?
Because few IT teams know about Murphy’s Law, or design their services accordingly, we have lots of security problems. Everything Bob has suggested is indeed possible.
“* Isolate and protect your critical data and applications. Under no circumstances should your business and customer data be exposed to or accessible from the Internet.”
I’m not sure this is practical, especially for small companies without proper IT support. I once saw a major amount of company source code almost erased because a retired employee took his personal computer home (being an owner, he provided his own computer) and it had the only copy of all his source code. About a year later, someone asked about the source code and we managed to get it back (a legacy project that worked well and wasn’t maintained regularly).
Don’t ask me how this happened. I maintain off site tape backups of all company computers but somehow his fell through the crack. I’m now looking at an Internet based backup to keep critical backups on a remote computer about 200 miles away from the office in the event the big one hits the west coast. But again, this involves hooking the backup computer to the Internet and also trusting a third party backup vendor to keep my data secure. While I could do my own VPN solution over the net, there are still holes involved.
While there may be methods to keep data on internal servers away from the Internet, most Microsoft computers refuse to operate without AV and Windows updates and WGA may require a real connection to MS servers to allow your Windows to stay active. You would be surprised by some of the Fortune 500 companies I see that don’t have their internal manufacturing nets attached to the Internet but also don’t run current AV software or do OS updates. And they and their vendors often attach external laptops and other computers to these isolated internal nets.
“I’m not sure this is practical, especially for small companies without proper IT support.”
If you are going to put your company and/or your customers at risk, you MUST make it a priority to do the job right. Too many people have had suffered identity theft and/or had their accounts raided by people who have broken into small companies.
There are many firms that provide a good web hosting service inexpensively. Start by using one of them. This is a simple, yet effective way to isolate the internet from your business systems and data.
I do a lot of work in this field. There is really only one line of computer systems that have bullet proof security and an operating system. It is also a pretty expensive system.
I really think the big worry is that backdoor/virus/timebomb/exploit (pick one) code gets slipped into software/firmware of mainstream products and all users become vulnerable. The really surreptitious way this is done is via coding techniques that leave the software open to the exploit vs. malware type code. How do you detect that?
The other concern should be loss of intellectual property to 3rd parties in the 2nd or 3rd world who are now maintaining code bases for virtually every software company. The next generation software coming out of these countries will be very competitive and be priced so low that it will be difficult to compete with it.
Hi Bob,
“We need new tools and new weapons.”
I have a FAR better idea. Just stop making enemies. Start making friends with other nations and get their support. All this terrorism and junk will start falling away. Just start working with diplomatic goodwill around the world, including Arab nations and I think you will be stunned at the response the US would get.
Thinking in terms of Allies and Enemies for too long means you can’t see the forest for the trees.
I know it sounds quaint and naive but it’s true. Change all the foreign policy that is completely insane and destructive and start working with goodwill and in an inclusive manner around the world and 98% (at least) of this stuff will just disappear. You can then retrench your cyber “Czar” (what’s with that name anyway?) and save the taxpayer some money.
Czar and Department of Homeland security. Both have war and genocide like connotations. Why would anyone in their right minds pick these names? They just speak to more death and destruction. Think peace and change for the better and see what happens. In my view this is very hard for Americans to do as they have been trained into a war mindset for such a long time. Name me a decade over the last hundred years where the US has NOT been at war directly or by proxy? How many do you get, did you even use all the fingers from one hand? I doubt it. War begets more war and you’re stuck in an impressive downward spiral of destruction.
That whole structure that has been created (it did not happen by accident) to support war is so efficient that it has even become adept at ensuring that it never runs out of enemies. And because of this articles like yours will appear.
I really enjoy your writing and even agree with your conclusions above I just think the unspoken/not thought of assumptions on which this hinges are incorrect.
Regards, Martin.
Martin,
The internet is a wild and dangerous place.
“Making nice” is not likely to change that.
Although your idea may address real world issues, it has not been possible to “play nice” on the internet since before the WWW got started.
First up, don’t be so condescending. You don’t have to talk down to me.
The internet may be a wild and “dangerous” place, although I don’t know where you hang out. Where I go it’s pretty safe. If you’re referring to clandestine warfare over a network then fair enough, but any country that has put their infrastructure within reach of the network is retarded as far as I am concerned. If you’re in that predicament, then don’t bleat about it, fix it. The same applies to sensitive information. Last week one of the departments of the US government put sensitive nuclear information on the internet. Way to go. I think that China isn’t even your biggest threat.
“it has not been possible to “play nice” on the internet since before the WWW got started.”
Yeah yeah.
This goes to the “making nice” comment. Yeah it’s all so rosy, you’re all hardcore dudes whatever. Oh yeah, “making nice” is so quaint but real man have to face up to this problem! If you’re not wondering how you landed in this predicament then you’re further up the watercourse with no means of propulsion than I thought. Enjoy.
Regards, Martin.
Bob,
I’ve read about something called TPM’s and securing pc’s etc using hardware. Do you have an opinion regarding this type of approach to handle sensitive information?
What is more important than data loss is loss of connectivity.
Without reliable and redundant connectivity everthing else is — moot.
How many companies or municipalities have:
a. Literally mapped their connectivity?
b. Restoral priority (RP) plans which have been tested and actually work?
c. Restoral priority (RP) plans for “out of house” connectivity which have been tested and actually work?
d. Completed credible risk assessment surveys for *identified* mission critical circuits?
This is not to mention secondary power with an “auto start” capacity which can power mission critical circuits for a minimum of seven days.
krp
Minor point. World czar? Under american auspices? Am ‘xenophobic and proud of it’ erica? Who’s gonna trust you? Remember that little law that demands USoA invades the host country of the ICC if (and that’s a big if — read the ICC charter, which a certain senator apparently couldn’t be bothered to) an USoA citizen ever has to appear at the ICC? It’s still on the books. That country is one of your NATO partners. Invade! That’s just one example of how trustworthy you are.
Not to put a too fine point on it, playing well with others isn’t the USoA’s strong point. This will have to change, and soon, or you won’t have much influence left to peddle.
Some considerations regarding the strategic scenarios:
1) Offline backups. While individuals tend to be really crappy about taking backups, network admins and medium and large corporations are much better about it.
2) Outsourcing has peaked and diversified. Most companies have encountered enough of the smaller, more common risks of international IT support so that they are already keeping some activities in the developed world. Furthermore it’s multi-national. A Pakistani attack on India wouldn’t affect services outsourced to China, Vietnam, Ireland or Poland. Or if it did, it would be viewed as an attack on those countries as well and would be a much riskier proposition for Pakistan from a diplomatic standpoint. Not to say there will be no impact, but it’s not likely to be as bad as if (say) China were to start selling off U.S. government debt on the world market.
3) Speaking of China, right now the biggest M.A.D. war scenarios are between the U.S. and China since it could be nuclear, financial, cyber-war or any combination of the three. But unless we are in an actively antagonistic mode with them, I would expect us to be allies in a cyber-war triggered by a third party. Not to say that the Chinese won’t be doing their damnedest to snipe intelligence off of our networks and make us even more financially vulnerable, but until they think the U.S. no longer has sufficient value as a customer they will prop us up like an old mercantilist colony. (There’s some karma for you) Any cyber-attack that would threaten the US economy enough to threaten China’s exports to us would probably draw China in. I don’t see any other cyber-nations that could stand up to a combination of the US, China plus assorted pro-western democracies.
The biggest wild-card in any scenario with China is North Korea. China generally stands neutral or pro-PDRK when there are confrontations with the US, but that seems to be predicated on the assumption that PDRK can’t really do any major harm to China’s customers. As PDRK becomes more confrontational with US allies Japan and South Korea, it will be “interesting” to see if China puts communist/totalitarian ideology ahead of economic wealth. Worst case scenario is that PDRK completely hoodwinks China regarding its nuclear intentions and lobs a nuke into Tokyo or Seoul. Otherwise, there is probably a threshold where China would tell Sunny Kim to stop dicking around. PDRK could also act as a proxy for a Chinese attack on the west that they could blame on the wacko leaders of that country while reaping benefits. But this scenario has the risk of triggering a global cyber-war kind of the way the assassination of the arch-duke triggered WW I. (in fact I think this is the most likely failure mode for a catastrophic cyber-war: some otherwise minor action triggers a chain of events that shuts the internet down completely)
I think the main reason US analysts aren’t talking too much about a strategic cyber-war is that we hold a lot of the wild-cards in terms of the internet’s infrastructure, including the DNS, the main TLD registrars and so on. I’m willing to bet that any country that provoked us would soon find itself unable to route it’s own internet traffic. And if a target country is not yet network dependent to the extent that the US is, a cyber-war is effectively a form of economic war. Despite our tricky relationship with China we still have a lot of economic clout that can be used as a weapon as well. One reason there are so many bubbles in various investments is that there are too many dollars held by the investing classes worldwide in comparison with the actual value of the investments available. The same power that China has over US debt can be applied to most other countries by having this investment capital flooded into the target in different ways to imbalance their economy.
Now that various unfriendly governments can put missiles up reasonably high, might one of them use the opportunity to generate an EMP? Might North Korea be able to knock out much of the digital infrastructure in South Korea (or Japan)?
Bob, very fine article, I’ve been in the business a long time but there were some things in here that I hadn’t thought of. But you missed one possible area; if you are trying to mess up someone’s data, your first level is to destroy the data
continuation of above, don’t know what happened but it published itself. The greatest damage you can do to a cyber-adversary is not to destroy but to garble their data while making it look as if it’s OK. It’s much easier, too; what we’re talking about is garbling the index, as opposed to trashing data (smaller volume of data to be altered).
Bob,
One issue in cyber-security has nothing to do with networks, per se, but everything to do with the threat to more conventional weapon systems. The F-22 Raptor is a good example: it relies heavily on sophisticated microelectronics, the secure sources for which are harder to come by these days. The threat is obvious: a compromised hardware platform could embed code that simply reports information back to the enemy, or – in the worst case – disable or disrupt the weapon system upon activation.
Thinking about the DoD and it’s cyber vulnerabilities is one thing. What about the economic world which until recently hasn’t even been concerned about protecting itself? An attack on our military could be disastrous, but an attack on the world banking system would be disastrous.
Ok, that second “disastrous” should be “calamitous”
The world’s money system suddenly shuts down.
The concept of destabilization you raise is a disturbing one. I f you follow the course of evolution of wars and technology they pretty much were on a hockey stick of escalation right up to the introduction of the atomic bomb. Ever since, the world has been “stable” in that the big powers have not duked it out in anything but skirmishes for regional influence.
One has to consider the effect of a cyber capability that could disable a country’s ability to launch missiles or deploy bombers. That would change the balance of power dramatically and make nuclear war possible. Not good.
One former executive of one of the big anti-virus vendors told me that his company was approached by delegations from India and Pakistan; each asking them to develop “weapons grade” viruses for them. You can imagine the types of R&D going on in those countries all with the goal of changing the balance of power in a region that you identify as holding critical assets for the rest of the world.
Remember February 24th 2008? An engineer at a Pakistani ISP re-routed all YouTube traffic to a black hole in Pakistan. Youtube disappeared for a couple of hours. But, more dramatically, Pakistan’s ‘Net connectivity collapsed under the load and eventually PCCI in Hong Kong shut all of Pakistan off.
I imagine the cyber war researchers around the world took careful note of the day Pakistan’s network succumbed to a spurious BGP route announcement.
More at: http://blogs.zdnet.com/threatchaos/?p=548
Bob is ahead of the media curve again here. Several NPR stories about Iran shutting down the Internet to muffle the opposition.
https://www.npr.org/templates/story/story.php?storyId=105532292
https://www.npr.org/templates/story/story.php?storyId=105545361
[…] countries than their own really will not change their lives that much. If you are of this belief, read the post titled Collateral Damage written by Robert X. Cringely on is blog. He lays out the ripple effect of a cyber warfare in other countries, for example a […]
[…] via I, Cringely » Blog Archive » Collateral Damage – Cringely on technology. […]
Senuke Bonus…
[…] amazing site regarding senuke, however they dont give a discount… […]…
I think this game is one of the best computer games I have tried so far. It is because of the smooth visual effects. But unfortunaly nothing beats Call Of Duty MW 2 on xbox 360, so I am returning to the consol now ^^ Maybe I will play this game tomorrow sometime.
It is better to be born lucky than rich.
nice 🙂
qokvaiixzpbvvmkpvc, kate spade, PsnwnBXJDjAyqiXIZosB. dzcmmrxnenkifztjqz, donald j pliner, JDiwSaVGcegrJzfjRUKk.
Thanks very good o/
Normally I do not make comments on blogs, but I have to mention that this post really forced me to do so. Really admirable post.
Thanks for taking this possibility to discuss this, I am strongly about it and I benefit from learning about this subject. If at all possible, because you gain data, please update this site with new information. I’ve found it extremely useful.
Im obliged for the blog article.Much thanks again. Really Cool.
Thanks for the tips! Great blog btw….
Very good article post.Really thank you! Want more.
I was simply shopping for associated blog posts for my undertaking research and I occurred to find yours. Thanks for the helpful info!
perfect diary you hold
I just discovered your website on yahoo and see that you’ve obtained some wonderful thoughts in this post. I particularly appreciate the way you’ve been able to stick so really much thought into a fairly short upload (comparitively) which creates it an thoughtful post on your topic. IMHO you set a lot of great information in this upload not having all the filler that most bloggers use just to make their posts appear longer, that is ideal for a gal like me who doesn’t have a lot time cause I am generally within the go. I frequently get so frustrated with so many of the final outcomes in the main SE’s due to the truth they often seem to mainly be filled with filler content that frequently isn’t very sensible. Should you don’t mind I am going to include this post and your weblog to my delicious favorites so I can write about it with my family. I appear forward to coming back again to study your long term posts too.
Ohh very much thanks admin
I used to be initially treated using Ipl which is not the best method for laser hair removal. I began with total arm laser hair removal. I went to an MD who applied a powerful early model lazer device however was left having blotchy parts. Next I made a decision to buy a laser hair removal. I am thrilled and will be starting different regions of my body soon. The costs as well fit my spending budget which is definitely a great benefit.
I used to be initially treated with Ipl that isn’t the best method to get laser hair removal. I started out with whole lower body laser hair removal. I visited an Dr . that applied a good early model laser light unit but ended up with with blotchy parts. Later I made a decision to purchase a tria laser hair removal system. I am delighted and will be starting additional regions of my body soon. Their pricing even fit my spending budget which is a substantial plus.
I used to use shaving to get rid of my excess hair however it was so uncomfortable that I wanted to stop. I gave shaving a try and it turned out somewhat but was really tedious. So I spent most of my time researching the silk n sensepil models. I actually bought the personal laser and am absolutely happy with the outcome. It provided me awesome hair removal at an ultra low price tag. I certainly recommend it to someone instead of stringing.
hahah, it has been months There is some stuff. Well another article that will work out just fine. I need something like this something I am working on, lucky mine is on the same subject as this post. Thanks, happy trails.
it has been months There is some stuff. Well another article that will work out just fine. I need something like this something I am working on,
I have discovered rather a lot on your site and I sit up for additional updates and shall be back. Perhaps this can be a bit offf subject but in any case, I’ve been surfing about your blog and it appears to be like actually neat. impassioned about your writing. I’m creating a new blog and laborious-pressed to make it seem nice, and provide wonderful articles.
its really difficult really good finance interest rates on personal savings right now. the banks usually are not offering good percentage rates
I like this site and saw it on Google search. I think your thoughts on I, Cringely » Blog Archive » Collateral Damage – Cringely on technology are right on. Thanks for writing about this and looking forward to reading more on your site.
yesss very thanks man i love this site
sorgulama, hesaplama832
good post good subject thanks for this site’s admins :=))1043
Congratulations, your article was reprinted to Harvard University, visit http://harvard-us.edu.ms
Hey there, I would like to thank you for taking the time to make such a wonderful article
its really difficult really good finance interest rates on personal savings right now. the banks usually are not offering good percentage rates..
good post ..
Viruses, Spyware, & Malware: Symptoms, Prevention, & Removal…
There has been a great number of fake antivirus alerts appearing…
Thank you very nice place to implement for Happy
young money…
[…]I, Cringely » Blog Archive » Collateral Damage – Cringely on technology[…]…
Extraenergie
[…]the time to read or visit the content material or web sites we’ve linked to beneath the[…]
jewellery factory
[…]Sites of interest we’ve a link to[…]
male strippers melbourne
[…]although sites we backlink to below are considerably not connected to ours, we really feel they are in fact really worth a go via, so possess a look[…]
https://www.sphericall.com
[…]one of our visitors a short while ago advised the following website[…]
garage door service
[…]we came across a cool site that you just could appreciate. Take a search in the event you want[…]
I-STOP
[…]Sites of interest we have a link to[…]