Monday, 2 August 2010

Countries should be held responsible for cyber attacks

Attribution is one of the biggest problems on the internet when it comes to cyberwarfare. How do you hold a nation responsible for malicious attacks if you can’t determine whether or not the activity was state-sponsored?
Retired General Michael Hayden, former director of the US National Security Agency, said on Thursday that one solution being discussed in government is to simply forget about trying to determine if the source of an attack is state-sponsored or not and hold nations responsible for malicious activity coming from their cyberspace. His words were greeted with applause from the audience of computer security professionals.
“Since the price of entry is so low, and . . . it’s difficult to prove state sponsorship, one of the thoughts . . . is to just be uninterested in that distinction and to actually hold states responsible for that activity emanating from their cyber space,” said Hayden during his keynote address at the Black Hat security conference. “Whether you did [the attack yourself] or not, the consequences for that action [coming from your country] are the same.”
Asked later for examples of what the consequences to a nation might be, he suggested the idea of some kind of cyber exile or a response that would thwart the flow of the internet from the suspect country in a way that would slow their cyber commerce and ability to communicate.
Hayden, who is currently a principal at the Chertoff Group, a security consultant company founded by former Homeland Security Secretary Michael Chertoff, focused his talk on cyber warfare and acknowledged that the term is thrown “pretty much at anything unpleasant.”
He said the US military doesn’t consider intelligence attacks acts of war but the kind of “normal espionage thing that routinely happens between states.”
“Without going into great detail, we’re actually pretty good at this, and the Chinese aren’t the only ones doing this,” he said.

Outside of this, the US and international community haven’t made much progress in determining what would actually constitute an act of war in this domain, but he said there have been some initial discussions about the idea of having global agreements to restrict certain kinds of activity. He cited denial-of-service attacks as an example of one that could be restricted under some kind of Geneva Convention agreement on the rules of cyberwar.
“That is such an easily available weapon that we [might decide we] ought to stigmatise its use that adult nations don’t do it and they don’t allow it to happen from their sovereign space -- that’s one thought,” he said.
He also said ideas have been raised about forming the cyber equivalent of demilitarized zones for sensitive networks, such as the power grid and financial networks, that would be off-limits to attack from nation states. He acknowledged that this contradicts the view in kinetic warfare where attacks on power grids and other infrastructures are considered legitimate targets.
In a press conference following his talk, Hayden was asked about cyber espionage and whether the US considers collateral damage that could occur as a result of such activity by the US, such as an incident that reportedly occurred in the early 80s in Russia.
In 1982, the US reportedly sabotaged the Siberian pipeline through a logic bomb planted in software, causing an explosion. After the US learned from a Russian scientist that the Soviets were stealing data on US technology, the CIA hatched a plot to insert the logic bomb into software headed to Russia to operate pumps, valves and turbines on the Siberian natural gas pipeline. At a pre-programmed time, the malware caused excessive gas pressure to build on the valves, resulting in an explosion that was captured by orbiting satellites. Although there were no human casualties, there might have been under different circumstances if the explosion had occurred in a populated area.
Hayden acknowledged during his keynote that there are problems with anticipating consequences of cyberwarfare attacks.
“You can never do anything in this domain without something going pop in [the physical world],” he said. “At the end of the day, it really isn’t a video game and something’s going to happen in somebody’s physical space.”
He added that in considering the possibilities for collateral damage from a cyber attack, generally the military considers whether the good that is perceived to come out of an action greatly outweighs the possible unintended consequences. But with cyber attacks, the consequences can be much less predictable.
“When you do this, are lights still going to be on on the eastern seaboard?” he said. “When you do something in the cyber domain you’re asking a policy maker to accept a risk that’s probably a little less measurable than a parallel operation outside of cyber space. . . . The thinking on cyberstuff is so immature that if we’re not careful they’ll become the special weapon of the 21st century like nuclear weapons were [in the last century] that you really had to have the president in the room before you could use them.”
Hayden was asked about Wikileaks and the possible repercussions that will come from the secret-spilling site publishing 77,000 intelligence documents on the Afghanistan war.
“This is an interesting aspect of a cyberwar [that] would not exist in physical space. So how now do we deal with this? Can we sustain espionage? Will it be possible for America to spy if this cultural trend is not modified or muted . . . ?” he said. “We have less control of our secrets than some other states.”
Hayden said the intelligence community will likely push back against open intelligence sharing initiatives that evidently made this and other documents published by Wikileaks vulnerable to leaking. After the 9/11 terrorist attacks, the government made the sharing of intelligence easier to combat criticism that people responsible for defending the country didn’t have the information they needed. As a result, intelligence reports and documents were made available to a much wider group of people in the government and military.
Hayden said “it’s going to take very strong leadership” to ensure that there isn’t a knee-jerk reaction that simply closes access to intelligence going forward.
ONLINE EDITOR: Olivia Solon

From WIRED.COM

Froyo yo Hero

I waited ages for the Android 2.1 Eclair update to come to the HTC Hero. I was sick of Legend and Desire owners lording it over my ancient Android, and wired.co.uk News Editor and Nexus One owner Duncan was a proud 2.2 user before I even had a whiff of an upgrade.

When the update finally arrived I was… disappointed. I had access to fancy new functions like turn-by-turn navigation and new apps such as Gesture Search, but all in all the operating system was a bit of a dog. My Hero was significantly slower, and typing messages had become a chore on the newly laggy keypad.
After some hairy experiences in the past, I'd avoided the rooting route. No longer. I came across a site that would let me put Android 2.2 -- Froyo -- on my trusty Hero. It was time to gain superuser control.
The ROM in question is FroydVillain, from the VillainROM team. It's a stock Froyo build, so no HTC Sense. There's a clear installation process on the VillainROM wiki, but I've broken the process down below. It takes about an hour on an Orange or unbranded Hero, but is more complicated for other carriers -- if you're on T-Mobile or Three you'll need to follow the 'Goldcard' method on the wiki. A word of warning -- rooting can brick your phone, but this is rare.
1. Back up your phone and SD card, as both will be wiped. Downgrade your phone's software to the appropriate exploitable version, as shown on the wiki. You'll need HTC Sync. HTC wouldn’t let me download an earlier firmware version for my phone, so I grabbed it from here.
2. Enable installation of apps from outside the Android Market by going into Settings -- Applications and ticking Unknown Source. Now download and install the free Astro File Manager from the Android Market.
3. It's now time to install a custom Recovery Image, which lets you install custom ROMs. Download FlashRec.apk and AmonRA's Hero Recovery Image from the links on the wiki. Copy both files to your phone's SD card over USB. Unplug the phone from your computer, open Astro File Manager and run FlashRec.apk. Follow the instructions in the app to install the recovery image.
4. Download FroydVillain. Copy the file to your SD card. Unplug your phone and turn it off. Turn on your Hero by holding down both the power and home buttons -- this will trigger the recovery menu. Select Wipe, and wipe the first item in the list. You'll need to repeat for every item in the Wipe list to clear your phone completely.
5. Now select Flash zip from SDcard and select the FroydVillain ROM you downloaded. It will install -- be patient, and don’t touch your phone until it's done. Now reboot into your new Android 2.2 operating system -- the first boot takes a while and will have a blank screen for around 30 seconds, so don’t panic.
I found the new OS far faster than the official 2.1 ROM. The stock Android keyboard is more responsive than HTC's Sense version, but you can't hold down the keys for punctuation marks. Apart from that, it's pretty much perfect. I love my Hero once more. 
PHOTO CREDIT: Flickr CC: michperu
ONLINE EDITOR: Olivia Solon