Computer Security · Cyber Crime · cyber security · Cyber warfare · cyberwar

Let’s put real war into cyberwar

Zapatistas (Photo credit: Wikipedia)
Entrance to the Alderson Federal Prison Camp i...
Entrance to the Alderson Federal Prison Camp in Alderson, West Virginia (Photo credit: Wikipedia)

A friend of mine semi-seriously tweeted this today:

As long as hackers do not fear kinetic response this will continue. Start whacking folks and watch changes.

So my mind began spinning up…   uh, oh.  You know trouble is brewing whenever I start thinking.  Just ask my students…

Why isn’t cybersecurity effective?  Because we’ve already admitted defeat.  Here, here and here.

Way back when dinosaurs were still walking the earth (or so it seems), I was an infantry officer.  This was after many years as a Special Forces enlisted soldier on an ODA, so I was a wee bit more motivated than most 2LTs. One of the sayings we always repeated was ‘in the absence of orders, attack.’  I feel badly for my poor first Platoon Sergeant, he retired about eight months after I took over.  I ran the heck out of him. On every training exercise I always said something like “Attack.  Take that hill!”  Of course we’d fire and maneuver and beat the heck out of our poor bodies and arrive at the top of the hill bloody, exhausted and drenched in sweat.  After a while, here would come my poor Platoon Sergeant, dragging his rifle on the ground saying “I’m too old for this stuff” (obscenities artfully edited).  But I tell you, these guys were good.  I’m sure the whole Soviet intelligence apparatus were quaking in fear at the thought of taking on my platoon.  …well, that’s how we felt! But I digress.

What I’m trying to say, is that currently hackers have nothing to fear.  The most that can happen is their computer might be confiscated, they might spend a few cozy months languishing in some minimum security prison, and then get recruited into an offensively oriented corporation or even into the military upon their release.  I mean, what kind of “carrot and stick” strategy do we have that is all carrot and no stick?

How about a little “active defense”?  I’m not talking about the ‘active defense‘ waged against the Zapatistas in 1998, which the attorneys judged this tactic to be offensive in nature, and therefore illegal.  I’m talking about a tiny little 250 pound, metal encased, kinetic type explosive, laser guided munition that would put a little fear into any little punk attacking a US website.  Permanently.  That might make a potential script kiddie rethink his lifestyle sometime down the road, don’t you think?

Attribution, you say?  Well… let’s wait for that one perfect test case where we know the little punk has his fingers on the keyboard and then worry about the collateral damage…  Illegal?  Oh come on.  Cyber punk is stealing Intellectual Property worth perhaps billions to some countries and you’re worried about removing this parasite?

Well…  okay.  My fantasy is over.  But please, before you read your next blog, think how effectively the message would resonate throughout the illegal hacker community if one of these little festering bugs was ‘accidentally’ squashed.

…or don’t.  Just ‘leak’ a rumor that we did…  …and yes, I am for hire.


4 thoughts on “Let’s put real war into cyberwar

  1. Joel

    I am thinking of War Games the 80’s movie….some dungeon and dragon geek on computer ….Do You Want To Play a Game? How about thermonuclear war?l…

    Ok so now he hacks in and with the next key stroke he gets an electrical shock…or even electrocuted….us this what you are saying? Wow….

    Of course I hope the hacker/cyber terrorist doesn’t look like Matthew Broderick

    And I did not know you were in the great war…wow…lol..but we need more balance between hard and soft power….Joe Nye, political scientist from Haaaaarvaaard…:).calls it smart power……I just think about other examples of the lack of hard power….ie North Korea violated the international agreements and launched a rocket…and all we had to do was issue a harsh press release….the lack of a hard power response from our side undercuts our soft power and our ability to lead… consistency in policies


    1. Hang on a second, you young whippersnapper, I need to put in my dentures. *glomph* Okay… the Great War? They’re all great…

      That would be a neat trick, sending an electrical shock through the wires. While not currently possible (no pun intended), perhaps it might be in the future?

      We’re so politically correct, you’re absolutely correct, all carrot and no stick. At the same token we’ve been over-committed on two major conflicts for the past 11 years and we’re sick of it. Isn’t that rail gun operational yet? How about lightning bolts from the sky and punish the bad guys? Actually I heard of this program called Global Strike… yeah, but we need a leader who can actually pull that trigger. I expected something to happen to the North Korean missile launch. Maybe something did and we just didn’t know…

  2. Joel

    True. maybe we did respond covertly who knows and we can neither confirm or deny. I will admit and give credit to the current adminsistrations decisons regarding covert ops to target Osama Bin Laden- great job….so I am being fair….but on the whole I think we have not been consistent. Certainly, we must be balanced in world affairs and be careful not to insight a regional or global confrontation….but at same time weakness can also invite confrontations. It is a delicate balance and I don’t think any one person has all the answers- and there certainly isn’t a one seize fits all solution as it may take many means and many angles to look at problems in the world to confront the complex challenges we take. I am getting grey hairs…it is not fair…..but true I am still younger than you…but you of course are wiser..;) (Is that PC for you? LOL)


  3. Without appropriate consequences, there is no deterrence to cyber attacks. Cyber crime is considered a white collar crime, so the punishment fits. It’s hard to say that a script kiddie deserves to share a cell with murderers and rapists though, don’t you think? But at the very least, couldn’t we make it illegal to hire people convicted of cyber crimes? It’s a tough pill to swallow, thinking about people benefiting financially and getting jobs because of their crimes.

Comments are closed.