The cyberwar will not be streamed
Brian Krebs on careless use of 'cyberwar' terminology in the wake of Wikileaks
By Brian Krebs
December 20, 2010 — CSO —
In early 2000 -- ages ago in Internet time -- some of the biggest names in e-commerce were brought to their knees by a brief but massive assault from a set of powerful computers hijacked by a glory-seeking young hacker. The assailant in that case, known online as Mafiaboy, was a high school student from a middle-class suburban area of Canada who was quickly arrested after bragging about his role in the attacks.
It wasn't long before the antics from novice hackers like Mafiaboy were overshadowed by more discrete attacks from organized cyber criminal gangs, which began using these distributed denial-of-service (DDoS) assaults to extort money from targeted businesses. Fast-forward to today, and although vanity DDoS attacks persist, somehow elements in the news media have begun conflating them with the term "cyberwar," a vogue but still-squishy phrase that conjures notions of far more consequential, nation-state level conflicts.
Also read Krebs' FCC must make ISPs crack down on spammers
If any readers have been living under a rock these last few weeks, I'm referring to the activities of Anonymous, an anarchic and leaderless collection of individuals that has directed attacks against anyone who dares inhibit or besmirch the activities of Wikileaks, an organization dedicated to exposing secret government documents. To date, the Web sites attacked by Anonymous include Amazon.com, EveryDNS.com, Mastercard.com, Paypal.com, and Visa.com, among others.
I could find no entry in the latest Merriam Webster dictionary for "cyberwar," but I'm guessing that when the word does appear it will attempt to define a virtual conflict between nation states and/or industries designed to give the aggressor some kind of immediate or long term strategic, tactical or economic advantage.
The consensus of experts seems to be coalescing around a definition of cyberwar in which either the attack is launched in combination with a kinetic or traditional physical assault, or is conducted stealthily (the Stuxnet worm probably fits this latter definition). In either case, it is highly likely that the cyber element of an attack won't be clearly understood until well after the damage is done.
Members of Anonymous have claimed that their attacks are against those who threaten the free speech rights of Wikileaks, but recent actions by some members reveal the thinness of this claim: On Thursday, Anonymous members began attacking and subsequently disabling the Web site of Arbor Networks, after the latter posted a lengthy analysis showing that earlier Anonymous attacks were simple and paled in comparison to more directed and serious attacks.
"Despite the thousands of tweets, press articles and endless hype, most of the attacks over the last week were both relatively small and unsophisticated. In short, other than intense media scrutiny, the attacks were unremarkable," Arbor's Craig Labovitz wrote.
True, most of the classified cables released by Wikileaks so far haven't exactly been bombshells, but even the more banal and obvious leaks appear to have already damaged U.S. relations with other nations. At the same time, the mass publication of classified documents by Wikileaks isn't helping the cause of individual free speech -- namely, proposed protections for journalists and for lone whistleblowers who speak out. For example, the U.S. Congress has all but closed up shop until January, without passing either a federal journalist shield law or a whistleblower protection law: In both cases, opponents cited Wikileaks as a major reason for withholding full support of the measures.