Air Force Aims for ‘Full Control’ of ‘Any and All’ Computers

June 4th, 2008

In general terms, vulnerabilities often come about as the result of ignorant managers implementing functionality against the advice of competent engineers, or of a network having been built under budget constraints that wind up placing security somewhere down the list of priorities.

If the target network has been built properly, however, the Air Force’s fantasies become more interesting to contemplate.

While the piece below, in typical Wired form, gets us thinking along the lines of whiz-bang Area-51 hax0r t0oLz, human factors are likely the most promising vectors in offensive information warfare campaigns—that don’t involve permanently taking down a network or system. Breaking stuff is much simpler.

“Exfiltrating” data out of a network, over the wire, undetected, is not going to be easy if the people who built the target network knew what they were doing and are actively keeping an eye on it. When I say, “It’s not going to be easy,” what I mean is, good luck. If my hashes are valid on all of my applications and my firewall is inspecting every packet… If I look at the firewall/router, there’s no mystery involved with seeing where the connections are going, which applications are talking, and what they’re saying. Hmmm, an encrypted trickle of data going to spooky.af.mil or wherever… That might raise an eyebrow or two.
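The kind of check that firewall visibility makes possible, as an added example that is not part of the original post: it groups outbound flow records by source and destination and flags small transfers that recur on many days to a destination nobody has approved. The record format, hosts, allowlist and thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed flow records (not real traffic): day, source, destination, port, bytes out.
FLOWS = """\
2008-06-01 10.0.0.5 updates.example.com 443 48211004
2008-06-01 10.0.0.7 collector.example.net 443 20480
2008-06-01 10.0.0.9 mail.example.org 25 9000
2008-06-02 10.0.0.7 collector.example.net 443 18432
2008-06-02 10.0.0.7 collector.example.net 443 4096
2008-06-02 10.0.0.9 mail.example.org 25 12000
2008-06-03 10.0.0.7 collector.example.net 443 22528
2008-06-03 10.0.0.8 cdn.example.com 443 30000
2008-06-03 10.0.0.9 mail.example.org 25 8000
2008-06-04 10.0.0.7 collector.example.net 443 19456
2008-06-04 10.0.0.9 mail.example.org 25 11000
malformed line
"""

def find_trickles(flow_text, allowlist, min_days=4, max_daily_bytes=100_000):
    """Flag (source, destination, port) tuples that send a small amount of
    data on many separate days to a destination that is not allowlisted."""
    daily = defaultdict(lambda: defaultdict(int))  # tuple -> day -> bytes out
    for line in flow_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[3].isdigit() or not fields[4].isdigit():
            continue  # skip lines that are not well-formed flow records
        day, src, dst, port, sent = fields
        if dst in allowlist:
            continue  # approved destination (hypothetical allowlist)
        daily[(src, dst, int(port))][day] += int(sent)
    findings = []
    for key, per_day in daily.items():
        # Many active days, none of them bulky: the "low and slow" shape.
        if len(per_day) >= min_days and max(per_day.values()) <= max_daily_bytes:
            findings.append((*key, len(per_day), sum(per_day.values())))
    return sorted(findings)

if __name__ == "__main__":
    approved = {"mail.example.org", "updates.example.com"}
    for src, dst, port, days, total in find_trickles(FLOWS, approved):
        print(f"{src} -> {dst}:{port} active {days} days, {total} bytes total")
```

The port number only hints at whether a flow is encrypted, so a finding here is a prompt to look at the host and the application behind the connection, not a verdict.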

Via: Wired:

The Air Force wants a suite of hacker tools, to give it “access” to — and “full control” of — any kind of computer there is. And once the info warriors are in, the Air Force wants them to keep tabs on their “adversaries’ information infrastructure completely undetected.”

The government is growing increasingly interested in waging war online. The Air Force recently put together a “Cyberspace Command,” with a charter to rule networks the way its fighter jets rule the skies. The Department of Homeland Security, Darpa, and other agencies are teaming up for a five-year, $30 billion “national cybersecurity initiative.” That includes an electronic test range, where federally-funded hackers can test out the latest electronic attacks. “You used to need an army to wage a war,” a recent Air Force commercial notes. “Now, all you need is an Internet connection.”

On Monday, the Air Force Research Laboratory introduced a two-year, $11 million effort to put together hardware and software tools for “Dominant Cyber Offensive Engagement.” “Of interest are any and all techniques to enable user and/or root level access,” a request for proposals notes, “to both fixed (PC) or mobile computing platforms… any and all operating systems, patch levels, applications and hardware.” This isn’t just some computer science study, mind you; “research efforts under this program are expected to result in complete functional capabilities.”

Unlike an Air Force colonel’s proposal, to knock down enemy websites with military botnets, the Research Lab is encouraging a sneaky, “low and slow” approach. The preferred attack consists of lying quiet, and then “stealthily exfiltrat[ing] information” from adversaries’ networks.

But, in the end, the Air Force wants to see all kinds of “techniques and technologies” to “Deceive, Deny, Disrupt, Degrade, [or] Destroy” hostile systems. And “in addition to these main concepts,” the Research Lab would like to see studies into “Proactive Botnet Defense Technology Development,” the “reinvent[ion of] the network protocol stack” and new antennas, based on carbon nanotubes.

Traditionally, the military has been extremely reluctant to talk much about offensive operations online. Instead, the focus has normally been on protecting against electronic attacks. But in the last year or so, the tone has changed — and become more bellicose. “Cyber, as a warfighting domain . . . like air, favors the offense,” said Lani Kass, a special assistant to the Air Force Chief of Staff who previously headed up the service’s Cyberspace Task Force. “If you’re defending in cyber, you’re already too late.”

“We want to go in and knock them out in the first round,” added Lt. Gen. Robert Elder, commander of the 8th Air Force, which focuses on network issues.

“An adversary needs to know that the U.S. possesses powerful hard and soft-kill (cyberwarfare) means for attacking adversary information and command and support systems at all levels,” a recent Defense Department report notes. “Every potential adversary, from nation states to rogue individuals… should be compelled to consider… an attack on U.S. systems resulting in highly undesirable consequences to their own security.”


One Response to “Air Force Aims for ‘Full Control’ of ‘Any and All’ Computers”

  1. cryingfreeman says:

    The last paragraph says it all. It seems to me that their claims are exaggerated to place doubt and fear into the minds of the opposition.
