Edited by Christian Lowe | Contact

Defining the Cyber Battlespace

The physical-world battlespace is well known and its parameters are defined. Similarly, an act of aggression or act of war in the physical sense is just as well defined and accepted. That is not the case when it comes to the cyber battlespace. Federal officials, military leaders, policy scholars and security experts are all looking at this issue and struggling to answer the question -- what constitutes an act of cyber war?

Back in 1994 I was asked to define cyber warfare and cyber terrorism. My response happened to end up in the U.S. Army Cyber Operations and Cyber Terrorism Handbook 1.02. Here is what I wrote.

Cyber Warfare & Terrorism is defined as the premeditated use of disruptive activities, or the threat thereof, against computers and/or networks, with the intention to cause harm or further social, ideological, religious, political or similar objectives, or to intimidate any person in furtherance of such objectives.

With that in mind, we used real-world events from the recent Georgian conflict to frame this issue and get your opinion.

Scenario:

The Georgian government relocated their President's website to a server on U.S. soil (in Atlanta, Georgia) connected to the U.S. Internet backbone. Would an attack on the Georgian President's website (hosted within the U.S.) be considered an act of aggression against the United States and ultimately an act of cyber war?

Yes - is one point of view supported by the fact that the attack is against components of the internet infrastructure owned by a U.S. company and located on U.S. soil.

No - is one point of view supported by the fact that the attack is against the web site that represents an individual/leader of a foreign government.

This is a great opportunity for you, the reader, to voice your opinion and possibly even influence policy makers in Washington. I would encourage a full review of openly available information that may help you formulate your answer.

-- Kevin Coleman

Comments

Yes, it's an attack if the Russians hack into the Georgian website hosted on US servers, because the Russians should know what they are hacking into. And if they are hacking into US networks then the country is not safe from foreign invaders and the military should be ready to cybershoot back (if the attack cannot be thwarted) but hold until the President gives the order. And when the President gives the order the military will apply an equivalent cybershot as the one that was taken when the US was attacked by the Russians in the scenario in the first place. Maybe they will hack into the Russian network and make the Russian president's personal computer show nothing but http://spongebob.nick.com/ for a whole hour. Yes, it's an attack; shoot back.

Posted by: nonome at May 15, 2009 05:48 PM


Anything that doesn't belong to an id or server that isn't authorized to add itself, is an attack in my mind..

Posted by: reshtet at September 15, 2008 08:06 PM


aoc gold, are you just trying to disturb someone with your worthless posts??? I bet you visit teamguynetwork.com... Remember Broadband and security issues...

Posted by: reshtet at September 11, 2008 08:15 PM


Hey cyber so-called experts! Why is a DEMOKRAT literally more popular during wartime than a REPUBLIC NAM VET??? And seems to be the new(lak) President.... It's def.. an inside thing right???

Posted by: reshtet at September 11, 2008 11:57 AM


I think you will have to treat this as an Embassy issue.
You are going to have to cede a legal, embassy classification to that server, so you will prob have to have a physical, dedicated spot for the server.

This gives it legal standing as a foreign diplomatic agent. So attacking a sponsored server would equate to attacking a legal attache.
That would make the host country unable to read, change, or even unplug the server.

Kinda changes the meaning of a diplomatic packet!

Posted by: Morgan Knapp at August 23, 2008 05:45 PM


Buried in the bowels of today's news...

http://www.cbsnews.com/stories/2008/08/20/tech/main4368749.shtml

Posted by: James at August 21, 2008 01:26 PM


I suspect it depends a lot on how much "collateral" damage to your assets and infrastructure the attack causes as to whether it should be considered an attack on your assets and infrastructure. If an attack is of such a magnitude that it significantly impacts on the backbone carrier's ability to operate, and that carrier is providing civic or commercially-significant services that are compromised, degraded or removed, then I'd say we have an aggressive act.

Of course, the key word here is "significant", and that extent can change depending on how critical and/or costly the disruption of service is.

Then of course comes the problem of proving it. If you're going to go to war - "cyber" or otherwise - with another power, then you need to have your casus belli worked up to a point of high plausibility. That kind of thing could be relatively difficult to prove in a decentralised environment, unless someone's being quite blatant about things.

It's certainly a call for improving security across the board, and providing extra insulation for trusted infrastructure, in any case.

Posted by: Dr. Curiosity at August 20, 2008 12:50 AM



Actually, if you think it realistically. If the attack is harming USA websites too or compromises their security it's an attack against us. If it destroys some USA site's defenses on the same server it's an initial attack against US. If it only concentrates on the site blocking and overloading etc. that server can limit away by removing the site it's never an attack against us as the site is part of a separate conflict. If the attack damages the server or surrounding system physically it's a critical attack against USA infrastructure. Basically all attacks are bad attacks but in war some attacks have to be accepted if they do not expand the war. Under the freedom of information however all attacks by anyone against enemy's public propaganda is illegal and destructive to humanity itself. Blaaaah. -how do you take this. It's an attack against EVERYBODY.

Posted by: Nickname at August 19, 2008 11:19 AM


Maybe this will sound insane, but my best guess at the moment is that the only way to establish a solid definition of cyber-warfare is to do this through complete legislation of the cyber-space, a **census** of all websites, country by country, and the establishment of an individual status for websites and servers, similar to the idea of "legal person" used for companies. Once we give "rights" to websites as legal entities, we eliminate most of the questions and we're able to think in a much clearer way.

Of course, having a census made for every single website is impossible. BUT. Is it really possible anyway to have a census made of every single person in, let's say, New York City? There would always be some homeless people left out of the database. Same thing here; we would know, through the census, about every single registered website and would be able to establish a series of rights for them.

We can then establish solid legislation concerning the creation of new websites, including mandatory registration of the website at the legal level. You give birth to a new child, you get him/her to exist in the system or else the kid won't actually have any "right", legally speaking. Same with websites.

From there, we can very well work our way through. If anything, internet would be a much more orderly place.

Posted by: Alec at August 19, 2008 11:00 AM


Hmm... to make things even more confusing, how will you handle countries that host routers and servers that were forwarding the traffic to the target? It's not like you have a direct connection between an attacking and a victim computer. TCP/IP traffic may take different routes to arrive at the destination. For example, the attack happened on a Georgian website in the USA but the network packets went through Poland and Japan. Would you consider them as aiding parties? The answer is probably NO since you have distinctly defined origin and destination addresses in TCP/IP packets. Hence, you can clearly identify where the packet/traffic came from and who is the attacker.

Here is also another scenario - a less clear one. The attacker is using a bot-net and 90% of machines used to mount an attack are located outside of the attacking country. So, 90% of the traffic will be originated from countries that have nothing to do with the attacker. Technically, you won't even be able to prove that the ATTACKING COUNTRY is behind the attack. Even if you do prove that the attack came from a particular country, you still need to prove that the government was behind it. Anyways, I hope this demonstrates how complex this whole thing is when it comes to the technical aspect of it and there is no 'cut-and-dry' approach to solving it.

As from the political/social standpoint, I like Ptsfp's comparison of cyber-warfare to spy craft. Things are hard to track when it comes to internet and network traffic. Network traffic routing conundrum doesn't have much of geographic restrictions (that are often used to define an independent state and act of aggression towards one) associated with it. Spooks are the same way, they aren't concerned with borders. If a spook from country A gets caught in country B, country B doesn't declare a war on country A. It simply arrests the spook or expels him/her - no bombs needed!

In case of cyber-warfare, I would think having an ability of unplugging certain countries from international info highway so they don't disrupt others would be a great idea. This however introduces another set of problems but it would be simple and effective way to isolate offenders.

Posted by: Andre at August 19, 2008 08:21 AM


So the fact that several of the BOTNET servers that helped launch this DDOS were located in the US has nothing to do with this, RIGHT??? So does the US or some other country attack itself??? Please try to understand the problem before you ask the question.

In the US the complaint is that the Chinese are attacking their infrastructure while in the rest of the world the complaint is that the US is conducting attacks on them. Cyber warfare is completely different from any other form of warfare. An attack can happen without notice, from any location, be anonymous with the support/coordination from multiple sources and in most cases are unprovoked. That is why the US is so unprepared for a Cyber attack. Federal/State/local government agencies are not equipped, trained, or ready on the defensive to deal with these types of issues on a massive scale. Maybe they have had to deal with a handful of cases at one time but nothing in the magnitude of removing the US presence from the Internet. However, that would take some serious coordination from other groups, countries, and insiders for that to happen. However, just the fact that it could happen should get all levels of government to question the state of the security of the US national infrastructure.

Posted by: secure_root at August 19, 2008 06:39 AM


"Want to know how to stop a government from hacking a web site? Unplug the damn thing from the net...with a bomb...on their side of the cable. Case closed."

Which is fine and dandy for a secure network - stealing critical files should not be possible as they won't be *on* computers connected to the internet. No matter how good your hacking-fu is, you can't magic a network cable into existence on the other side of the world.

The problem comes when looking at systems that have to be publicly accessible to be considered 'working' - any sort of public information web page, and VoIP telephony servers, are perfect examples. If I can make you disconnect them from the internet, they're valueless to you and I won.

Ultimately, as noted, it can only be treated in the same way sabotage by a spy/terrorist is treated - (a) how serious was the attack on a third party, (b) what 'collateral damage' was done to the host nation, (c) can you identify who - even vaguely - was responsible, and (d) to what degree do you think their host nation/organisation supported, encouraged or planned the action?

Posted by: Joe at August 19, 2008 06:21 AM


The fact that you can't even define aggression exposes how ridiculous the entire idea of your cyberwar is Mr. Coleman.

Want to know how to stop a government from hacking a web site? Unplug the damn thing from the net...with a bomb...on their side of the cable. Case closed.

Can you send me one of those fat government paychecks now?

Posted by: null at August 19, 2008 02:36 AM


I'm new to the idea of cyber warfare, so I won't pretend to be a subject matter expert.

As a military member, I see the dependence on computers becoming more of a factor in everyday operations than ever. Yesterday my flight's server went down for maintenance and 85% of the personnel in the building had to stop working. Even in my job, a very basic maintenance job, we depend on at least 2 server databases to process our work orders. If cyber warfare were to take place on a military server, I would absolutely see that as an act of war. But where do you draw the line between an illegal act, and an act of war? I mean, Alec posted an extreme, assassinations of U.S. officials. But what effect does cyber warfare have on the body? Can someone inject a virus into a server that could kill a bunch of people? Maybe I don't know enough about it, but it seems like the collateral damage, from even a large-scale attack, like taking down all US bank servers for a few days to keep people from buying and selling, has minimal impact.

Posted by: Dan at August 19, 2008 12:40 AM


The interesting point in the discussion is the relevance of 'Nation States' in this debate. Traditional warfare was predicated on recognised States undertaking or threatening hostile acts.

The advent of what is in effect borderless states in the internet world calls into question the traditional notion of Nations going to war.

Any consideration of 'cyberwarfare' should be taken in the context of criminality in a cyber environment. Spamming, hacking and other criminal acts are well understood. Would not cyberwarfare be an escalation of that criminality?

The ability to separate out the 'military' and 'criminal' aspects of cyber attacks relies on a nation undertaking that attack, which leads to the aspect of nations endorsing that activity.

As an Australian where Privacy rights are codified under law, having emails and VoIP communication subject to NSA review is something that could be mistaken for a criminal act against me. Despite the fact that NSA is permitted under US law to conduct those activities.

Posted by: Matt at August 18, 2008 10:12 PM


Conlad

The question is - What (as in what act or attack) would rise to the level that a cyber war is declared or breaks out?

Hacking a web site is nowhere near the level I envision. Taking down the ability to process credit and debit cards for more than 1 day does.

Posted by: Kevin at August 18, 2008 09:08 PM


Exactly, I believe that the response would have to mirror the attack. You wouldn't shut down a nation's communications network because they defaced a website.

But, in Georgia's case, it just wasn't website defacement. They attacked their communications, their VOIP phone system. Moving the website to the US was more of a political statement than anything else.

With the porous properties of TCP/IP it could take a forensics team a while to even decipher who the attacker is and where it originated.

I see Cyberwar more congruous with spy craft than with physical warfare. The soldiers don't line up in platoons and march into battle waving flags. They covertly analyze, enumerate and then attack.

Sometimes it takes weeks or longer to probe a target and find a way in. I bet that the Russian "peacekeepers" were analyzing Georgia's infrastructure for quite awhile before they had the opportunity to act. But when the time came, they already had the backdoors and openings ready, so they used them and shut Georgia down.

Just as physical foreign operatives are at work in the US, cyber operatives are at work also. We need to be just as active. We need to be prepared to defend and attack. We need to lead the world in cyberwar, because nations who could never face us on the physical battlefield are already using it against us. It is the battlefront of the 21st century.

Posted by: Ptsfp at August 18, 2008 08:44 PM


Conlad has a good point...

The only way to really establish a solid definition would be to have a defined environment in which to establish that definition. Else, the variables keep changing pretty much randomly and your definition doesn't actually mean anything, since anyone can pretty much always find a work-around or a loophole of some kind and exploit that fault to keep attacking you whatever you might say or do.

I guess the cyber-world is just too much like water, a wave can hit you pretty hard, but even if you wanted to, you'd never be able to pick out the exact molecules that inflicted the damage. Too much chaos and unpredictability.

If that's indeed what we're facing, we just might have to realize that we will not be able to establish a firm definition that would be in any way effective.

Posted by: Alec at August 18, 2008 07:34 PM


Hmm, I find this discussion rather strange... if a cyber attack is done, you want to escalate it to full cyber warfare, right? And so want to define when it will be right to do so.

However, in such a unique situation as this, I think the response should go in accordance to the attack. After all, your government has invested a hefty amount of dollars to develop cyber warfare capabilities, so why not put them in use right away against all hacking attempts against US cyber assets? In order to declare a cyber war, you must know where it came from anyway, and when you know just attack them back. If then a government is stupid enough to cry out against the attack, then your government can ask for an explanation of the earlier attack or escalate the conflict.

Anyway, just a thought. If cyber warfare is such a black ground of ops, where anyone may pull out an attack, then why not do it yourselves against identified targets instead of engaging in diplomatic conflicts?

Posted by: conlad at August 18, 2008 07:07 PM


Brian

I believe Ptsfp meant, in such a case in which the US government knows about the documents and is allegedly supposed to be part of the protection of said document. As in "hurry over here and hide your stuff in my attic."

In this case, it would obviously be an act of aggression against both the original owner of the documents AND the US government.

Although in such a case where the US government is not part of any protection "deal", eventual collateral damage to US citizens or property could very well be taken as an act of aggression by the attacker and caused by the owner of said documents.

We can keep piling up variables until next Thursday, it won't change the fact that the point here is to find a way to establish definitions for the simplest cases possible: aggressor and victim, without any third party.

Posted by: Alec at August 18, 2008 06:20 PM


ptsfp,

If Country A sends a guy with classified documents into the US without any knowledge of the US, with no diplomatic agreement to protect them, and Country B steals the documents, is it an act of aggression against the US? I don't think it is.

Posted by: Brian at August 18, 2008 04:46 PM


Let me answer your question with another. Is it legal to hack into someone's website?

If it is a crime for someone from company "A" to nefariously penetrate Company "B's" network, why would it not be considered an act of aggression if a foreign country does it?

Let's take the "Cyber" out of it. If documents from an ally nation were brought into the United States for protection, and foreign operatives tried to steal or manipulate them, would it not be an act of aggression? Would not we use every available means to protect the documents?

On the other hand, it is very hard to determine who is on the other end of the keyboard. Is it just a bunch of 16 year old kids, or a crack cyberwar team?

I believe that if a country feels free to attack another country with cyberwarfare they should expect a strong cyber response. If a concentrated attack is levied against an ally country, then the country's allies should also respond if the source of the attack is verified.

Posted by: Ptsfp at August 18, 2008 04:02 PM


I will speak in general terms here, I am not aware of every single aspect involved, but I think I can make a few points still.

Obviously, a country shouldn't go to war because a website representing some president somewhere was attacked and crashed. I think an "act of cyber warfare" should be re-defined based on an evaluation of the threat posed by an attack. To get such a "scale of threat" I believe treating websites as "legal individuals" should be a basic starting point.

Here's a situation to get us started. The USA would not go to war if Joe Terrorist shoots one random citizen in the streets and claims he did it for Country X. However, if the same Joe Terrorist shoots an important person of the government, let's say the President himself, and he again claims to be doing this for this Country X, then chances are the option of going to war with Country X will be taken as a serious option. Same situation ending in two completely different results by switching the targeted person.

I guess the same principle could be applied to websites. Attack and crash a certain website, it's a "simple" crime. Attack and crash another certain website, and it's an act of war. Then quantities should play an important role as well, attack and crash 1 or 2 unimportant websites, it's a "simple" crime. Attack and crash 10-20 thousand unimportant websites, and it becomes an act of war.

See websites as if they were people, legally speaking, and I think you'd be able to build up a fairly efficient definition of "cyber-warfare".

If anyone sees flaws in this, please, point them out. This is just the best I could come up with.

Posted by: Alec at August 18, 2008 02:54 PM


That is a *very* interesting question.

On the one hand, it is an attack upon a US citizen/corporation which is located on US soil. That would push me to believe that we should treat it as an act of aggression against the United States.

On the other hand, remember what this is, a telecommunications company providing services to a foreign nation. Let's look at it with some measure of practicality -- do we want to commit ourselves to the protection of every foreign government/organization that buys a website for fifty bucks? To what degree are we as a nation exposing ourselves or overextending ourselves? Do we want other nations flocking to put their public government websites on US servers to prevent the threat of cyberwar, like an internet insurance policy?

We could find ourselves in an awkward position if this were to happen. Let's say that separatist group #4 claims to be the legitimate government of backwardass country #6. They put their "official government-in-exile website" on a server based in the US, along with statements on how they plan to violently overthrow their current government and instructions on how you can help. Do we want to make the US insure the safekeeping of this group's cyber affairs? (Ideally, diplomatic discussion would cause the US to bring down the site, but since this is a hypothetical, we can say there may be certain factors which limit the speed at which the US can act in this instance).

Honestly, US companies need to know the danger to which they may expose themselves and the responsibilities that they are undertaking when they agree to host a website that may come under attack by a foreign power. If the policy of the United States is "foreign nations are fair game", then US companies may wish to limit their exposure and deny any high-profile websites that face attack. A company that has a factory in Nigeria undertakes certain risks when it builds that factory -- shouldn't a telecommunications company be aware of those same risks, even if they keep their servers here at home?

The real question is, are we willing to go to war over this? If the Georgian President's website WERE attacked by Russia, what should our response be? I don't think the American people are willing to go to war with another country simply because the website for Kreblakistan had 40 million hits in 30 seconds and crashed, even if it made their internet slow down on Tuesday afternoon. I don't think we have the political will to consider an attack on a US server which happens to host the website of a foreign nation at war to be an attack on the US itself. Not unless it proves to be part of a larger attack that actually is directed at the United States.

So should the US make promises it can't (or won't) keep?

Posted by: Brian at August 18, 2008 01:21 PM

