Edited by Christian Lowe | Contact

Better late than never to the cyber arms race

The U.S. Air Force announced it plans to construct a large botnet. The term botnet is jargon for a collection of software robots, referred to as bots, that take over and run autonomously or by remote control on infected computers. These bots present a serious security threat to the computer owner. Cyber militaries and hackers leverage the combined power of hundreds of thousands or even hundreds of millions of computers that have been compromised to pump out spam e-mail or disable targeted servers by overwhelming them with Internet traffic.

There are over 100 million computers that have been compromised and are now part of botnets. The largest botnet is thought to be owned and operated by the RBN -- Russian Business Network. They lease capacity of their botnet for spamming and other more sinister purposes. The second largest botnet is owned and operated by the Chinese military. The estimated size of their botnet is put at 85 million and growing fast.

Military Applications

Espionage - collecting information from the network of computers that have been infected with the malicious code. Collecting keystroke information that contains log-ins, IDs and sensitive information or actually capturing screen shots of what the user is doing.

DDoS - the network of computers can be remotely commanded to start flooding a target system with transactions, overwhelming it until it shuts down.

A bit late to the game, the U.S. Air Force has to rapidly construct their botnet. In the May edition of the Armed Forces Journal, Col. Charles Williamson III outlined the cyber warfare strategy being hashed out by the U.S. military. There are reports that the plan calls for using the public's computers to create this offensive cyber weapon. There is no question in the minds of many who are working in the cyber warfare field that the U.S. must create cyber weapons and that a botnet is just one of the many that need to be in our arsenal. But the devil is in the details!

-- Kevin Coleman

Comments

you sure got it on this one

Posted by: Forex Trade at June 1, 2008 08:06 AM


Hey there Tim, before you spank Kevin you had better check this link out!

The Headline is Air Force Looks to Use Military, Civilian PCs For Offensive Botnet

http://www.dailytech.com/Air+Force+Looks+to+Use+Military+Civilian+PCs+For+Offensive+Botnet/article11760.htm

Let's all work together and beat the bits out of them

Posted by: Betsy at May 15, 2008 10:21 PM


GREAT POINT Bruce!!!!

A single computer can have multiple bots and therefore be a member of multiple BotNets.

http://www.cnn.com/2006/TECH/internet/01/31/furst/
This interview says 75 to 100 million as well

Posted by: Kevin at May 15, 2008 10:04 PM


The numbers seem a little wonky - 100M total bots, and the *second*-largest botnet has 85M bots? Either the numbers are off, or machines get infected into multiple botnets. I could believe the latter, but it would be interesting to see confirmation.

Posted by: Bruce at May 15, 2008 08:48 PM


Tim & Kevin you are both right.

Kevin the point you make is valid. PCs in the US being used in a botnet would slow the Internet for everyone unless the Air Force have their own HUGE pipe through special routing to take the DDoS they launch off our backbone. Tim you are right, Kevin's point I addressed above and his comment about DDoS architectures require assets outside the US to launch DDoS cyber attacks. It is this type of constructive dialog I love on here. It expands the understanding of the issues.

Posted by: Brian at May 15, 2008 08:39 PM


Tim

When I screw up I admit it. But not this time. Read the link article below. I am not the only one that walked away saying the same thing.

Here are a few http://seclists.org/isn/2008/May/0057.html

http://www.buzztracker.com/permalink/31453/69813760/Air-Force-Colonel-Wants-to-Build-a-Military-Botnet

http://truthfeeds.com/Elections/87075/Air-Force-Colonel-Wants-to-Build-a-Military-Botnet

http://www.cnn.com/2008/TECH/05/15/military.botnet.ap/index.html

And so on.

I am concerned over any BotNet hosted on any domestic PC. When you use computers on U.S. soil to launch or take part in a Distributed Denial of Service (DDoS) you clog our internet pipes. The nature and architecture for DDoS requires off shore capabilities.

Posted by: Kevin at May 15, 2008 08:24 PM


"The U.S. Air Force announced it plans to construct a large botnet."

If your lead sentence is completely wrong, you deserve a serious spanking.

The paper in question is a proposal by an Air Force colonel. It is not a "plan", and the U.S. Air Force did not approve it.

Kevin Coleman owes the DT readership an apology. Complete misunderstanding of the subject in question is usually handled by AP/Reuters. DT should get out of that business, since they cannot compete.

Posted by: Tim at May 15, 2008 06:40 PM


Well, I'm skeptical, but pleased- and I'm also obliged to wipe the egg off my face and have a helping of crow, because I never expected the USAF to do this. Operational botnets generally have the advantage of being spread all over the world, making them hard to stop by blocking off IP ranges. I wonder how the AF plans to emulate this attribute? It's amusing to imagine a cheap apartment in Goa or Minsk with nothing inside but a dozen cast-off desktops being remote-admin'd by the "Cyber Command."

Posted by: TrustButVerify at May 15, 2008 04:36 PM


Another good link
http://washingtontimes.com/apps/pbcs.dll/article?AID=/20080515/FOREIGN/586297128/1003

Posted by: Kevin at May 15, 2008 01:59 PM


I'm not sure the Air Force has announced its plan or just LCol Williamson. A brief and interesting response is here. http://tinyurl.com/67vgcw

Posted by: caution at May 15, 2008 01:51 PM


Right to the point and not holding back any punches - that is the Kevin we have all come to admire and respect!

Posted by: SpyGuy at May 15, 2008 10:48 AM

