TCS Daily


By Johnny Ryan - August 13, 2007 12:00 AM

The "virtual siege" of Estonia, in which distributed denial of service attacks shut down important banking, government and media websites throughout late April and May 2007, is an example of "iWar". The Estonian example should be considered as a sign of things to come.

A short time from now it is likely that a new form of Internet based warfare will erupt across the globe. The potency of this iWar will grow as the economies of the world steadily embrace the Internet to deliver services. At the same time, iWar will maintain its ease of adoption and low cost. iWar may also maintain its deniability.

These two key trends - cheap, deniable warfare and increasing vulnerability to attack - are likely to result in a conflagration of iWar. This new form of warfare can be waged by individuals, communities, corporations, nations and alliances. The economic toll of a conflagration could be enormous.

It is important to note that iWar is distinct from what the US refers to as "cyber" war, or from what China refers to as "informationalised" war. Cyber and informationalised war envisage a combination of controlling communications, maintaining access to imagery intelligence, electronic espionage, and operations command and control. In contrast, iWar is a term coined here to denote a type of warfare involving consumer technologies and civilian assets, in which any actor can participate. Distinct from signals intelligence and high-tech interception, iWar refers to small sub-national actors using freely available technology to attack. While nation states alone can engage in cyber or informationalised war, the individual person, the corporation, and the state are all capable of waging iWar. In effect, iWar is to the iPod what a cyberwar is to the Vienna State Opera House: iWar is light, cheap and operable by individuals. Like the iPod, iWar is convenient.

iWar is unencumbered by the traditional impediments to action that constrain actors from waging conventional war. Five factors give the iWarrior freedom of action undreamt of in previous martial eras. First, iWar is easy to adopt. Second, iWar requires little specialisation and is unburdened by the specialist, social and hierarchical constraints that apply to military establishments. A state with an average level of computer literacy could mobilise the population to wage iWar. This also empowers individuals and communities to equip themselves to wage iWar against their own state, or any other. Third, the use of iWar is unencumbered by geography or the expense traditionally associated with the projection of force. Fourth, iWar appears to be deniable. Fifth, if one nation launched an iWar campaign against another, it is unclear whether a traditional military response to attack, such as bombardment and occupation, would be legitimate.

In parallel to the ease of adoption and transferability of iWar, the utility of the Internet will foster the development of new applications of the Internet that are legitimate, and may become increasingly essential to daily political, social or economic life. Services will increasingly migrate to online interaction with customers, and governments may begin to rely on the Internet to interact with their citizens. The Estonian Government, for example, defined Internet access as a legal right in 2000, and approved Internet voting for local and parliamentary elections in 2002. Already, Internet banking is an established standard and has allowed banks to close down and sell physical premises. New Internet services, such as the cash transfer facility on Skype, are increasingly used to transfer remittances from the developed world to family members in the developing world. Internet delivery of media content now competes with orthodox physical content delivery of newspapers, music and advertising. In 2006, spending on advertising on the Internet overtook that of national newspapers for the first time ever in the UK.

Yet as individuals, communities, corporations and nations leverage the potential of Internet consumer technologies, they increase their vulnerability to iWar. Accordingly, Estonia, which was an early adopter of Internet technology across the public and private sectors, is particularly threatened by iWar. Estonia's Justice Minister described the DDoS attacks on Estonian websites as "an organised offensive against the ... infrastructure of the state in general". The Defence Minister called the attacks "a national security situation. It can effectively be compared to when your ports are shut to the sea". According to the Government's Informatics Centre, there are almost 800,000 Internet bank clients in a population of almost 1.3 million people. Ninety-five percent of banking operations are carried out electronically. During the virtual siege Hansapank, Estonia's biggest bank, and SEB Eesti Uhisbank, Estonia's second largest bank, were attacked and the banks were rendered unable to interact with customers. In a nation with few physical bank branches, this is particularly alarming.

iWar is made possible by the ubiquity of Internet communications, yet its effectiveness is greater when waged against the adversary who has embraced the Internet most fully. iWar arises from the empowerment of the individual, and yet it can be waged across entire nations or continents by many people. The advent of iWar reflects the trends of the new century: the spread of the Internet, its empowerment of individuals, and the relative decline of the power of the state to control information and, increasingly, communications infrastructure.

The author is Senior Researcher, Institute of European Affairs, a policy think-tank based in Dublin and Brussels. He is author of Countering Militant Islamist Radicalisation on the Internet: A User Driven Strategy to Recover the Web.



Oh, the horror!
This site has become the Weekly World News of the political blogs. This story is right up there with "Hitler clones stored in caves in Argentina".

DOS attacks shutting the web down? Imagine those hundreds of thousands of web junkies having to put on pants and wander out into the streets, looking for stimulation. They'll actually have to get a life.

Those who haven't put on sunscreen will shrivel and blister under the unfamiliar rays of the August sun. This will be a tragedy of unparalleled severity!

Live Free or Die Hard
Was the scenario for that movie too far fetched?

...until they pry my Blackberry out of my cold, dead hands
It sounds like you've finally found a cause you can make your stand on.

I really thought Roy had set an unassailable record of public foolishness, he translates one of his ill-considered tantrums into words and lowers the bar.

So it is, even when the topic doesn't lend itself to viewing under his socialist myoeiascope, Roy manages to cobble together equal parts of condescension and blither to produce an unusually bitter tonic.

However, while thinking people of all political persuasions wonder if the migration of all sorts of essential functions such as finance and communications to the web creates a vulnerability, Roy offers us thoughtless dismissal.

Of course the question remains, how did Roy become so acquainted with the deficient publications-and if this is so bad, why is he such a relentless poster?

This is a passing threat
When IPv6 is rolled out over the next few years, the much larger address space will allow us to segment our networks and code IP addresses to physical locations. iWar will just set up an alert so that all routers will only pass traffic based out of address space that is geographically coded and within the reach of the local police. The international links can be taken down but any domestic penetration will be resolved quickly and with little fuss.

That doesn't mean that it won't be a pain in the neck but it will soon be a nuisance and not a threat.

I have to agree
Even now it's far more a threat to the backbone providers than the end points. It's pretty easy to detect and a quick adjustment to your firewall policy ends the attack from each node. The problem today is that attacks are made from thousands of zombies simultaneously and even if you stop them at your firewall your pipe gets flooded. Tomorrow the providers will catch them at the origin and no one will notice.

...but getting from here to there is going to be painful
Securing the internet ecosystem is the same as securing any other ecosystem. Sites that have soft security are easy pickings until they're attacked. Then, as the security improves, the attacks become more sophisticated. Eventually things stabilize as the bulk of the security holes are plugged.

This happens in biological ecosystems all the time, and they eventually become stable. But that doesn't mean that there isn't the occasional die-back on the road to stability.

Practically, I think this means that there is a serious threat of a handful of devastating attacks over the next few years. Those attacks could do great social damage for a while. A proactive move to secure critical services is essential--and mostly seems to be happening. But there's always some joker that doesn't get the word in time.

give him credit...
In his ideal world there's no internet access (except for the elite of course) and that access so heavily screened and completely cut off from the outside world that there's no risk for foreign (or domestic) enemies of taking it down.

So in his ideal world there's indeed no problem.

sad and lucky
Sadly the most vulnerable to attack (and of being turned into zombies) are those who deny such vulnerability and wouldn't know how to cure it if it hit them, the large numbers of small companies and individuals who purchased Linux servers (and sometimes workstations) because they were told by some self-proclaimed "expert", aged 20, that Linux is "secure" and invulnerable to attack.

It's sad because of the number of people involved and the reason why they're at risk, it's lucky because they're hardly an essential part of the worldwide internet as a whole so even losing all of them wouldn't do great harm on a global (or even national) scale.

Is this really important?
Let's assume your world view for a moment, and assume that DOS attacks are perpetrated solely by evil leftists, and pose a threat to Right thinkers and Right bloggers everywhere.

Is that for real? You're pointing to a single instance of a suspected DOS attack. The last ones I recall before that were several years back, and were committed by ultraright pro Israelis against Palestinian web sites. I'm thinking this is a tactic that's well known by now, and still is hardly ever used against anyone. It sure doesn't look like any sort of threat.

Why don't people use it more? Because it backfires. In fact it backfires so badly that when we do see it, a proper skeptic automatically starts to wonder whether the blocked site perped the attack on itself, just to drum up business for when it returns to the ether.

So I can't tell you if there was an actual attack on climateaudit, or whether it was an auto-attack. We just don't know. What I CAN tell you is that it's not a harbinger of anything. It's no big deal.

And if it ever does become a big deal it will take the spam fighters about half an afternoon to figure out a fix for it.

The crushing of dissent
You're happy with a future in which all IP addresses are linked with physical addresses, names, SS numbers and credit histories. But I'm thinking the achievement of the Total Surveillance Planet may not end up to be entirely beneficial for you any more than it would be for me.

You do understand, I hope, that a technology designed to detect Bad Guys unlawfully perping DOS attacks on innocent web sites will also be used to identify and track political targets? Wasn't that the case when Hoover was at the FBI? And is it any less the case today?

Sure, it's okay when they're just tracking islamo fascists and flaming leftos like me. But what if the political picture changes? Then the powers that be might be using the same technology to track YOU.

And by then our first and fourth amendments will be but a memory, having been dismantled back in the Bush Era. You'll be up S Creek.

To me, eliminating DOS attacks with this kind of technology creates a greater threat to our freedom than it does a solution to the problem. Instead, why not encourage smart college kids to come up with a program that identifies DOS attacks and dumps them into the garbage can?
