Crazed Air Force Colonel Proposes Air Force Botnet
I have previously written about how the Air Force wants to become a major powerhouse in the world of cyber warfare. I think its a great idea in that we need servicemen and women trained in cybersecurity, tactics and methodology behind attacks. But one Air Force colonel is taking the idea a bit too far by proposing that the Air Force create a world-class Botnet. He doesn’t want to infect citizens computers (how nice of him) but wants to use thumb drives in old computers that were just going to be thrown away anyways to seed airforce networks wherever there is a spare jack available.
From the Armed Forces Journal here, by way of F-Secure:
Carpet bombing in cyberspaceWhy America needs a military botnetBY COL. CHARLES W. WILLIAMSON IIIThe world has abandoned a fortress mentality in the real world, and we need to move beyond it in cyberspace. America needs a network that can project power by building an af.mil robot network (botnet) that can direct such massive amounts of traffic to target computers that they can no longer communicate and become no more useful to our adversaries than hunks of metal and plastic. America needs the ability to carpet bomb in cyberspace to create the deterrent we lack.
BUILDING THE AF.MIL BOTNET
Lt. Chris Tollinger of the Air Force Intelligence, Surveillance and Reconnaissance Agency envisions continually capturing the thousands of computers the Air Force would normally discard every year for technology refresh, removing the power-hungry and heat-inducing hard drives, replacing them with low-power flash drives, then installing them in any available space every Air Force base can find. Even though those computers may no longer be sufficiently powerful to work for our people, individual machines need not be cutting-edge because the network as a whole can create massive power.
After that, the Air Force could add botnet code to all its desktop computers attached to the Nonsecret Internet Protocol Network (NIPRNet). Once the system reaches a level of maturity, it can add other .mil computers, then .gov machines.
To generate the right amount of power for offense, all the available computers must be under the control of a single commander.
So Williamson want to not only create the most powerful botnet, but also wants it to spread to every desktop in the .mil and .gov domains. And he wants to allow the Air Force theater commander to be able to press the button of DDoS doom to flood his victims.
Never mind for a second that such a stupid idea would also DDOS the source networks. The Colonel forgets how to defend against a DDoS attack, which is to blackhole ASR’s on the Internet. The ASR is the primary router through which all of the network traffic flows on the Internet. All the rest of the world would have to do to stop this stupid DDoS would be to blackhole the .gov and .mil ASRs and the rest of the world would carry on normally while the .gov and the .mil domains would find themselves cut off from the rest of the world.
I think some people in the Air Force are becoming drunk on their own ideas of power under their new cyber initiatives. And they need to dial back the rhetoric before they find their funding slashed. You want to DoS a network? A guided missile targeted at the facility that hosts the network routers are infinitely more effective and spectacular.