back to article Stuxnet ≠ cyberwar, says US Army Cyber Command officer

While “cyber* operations” are becoming an increasing focus of both government and private research, legal frameworks are failing to keep pace, the US Army Cyber Command operational attorney Robert Clark has told the AusCERT security conference in Queensland. As noted earlier by F-Secure’s Mikko Hypponen in his keynote address to …

COMMENTS

This topic is closed for new posts.
Silver badge

Policy-makers

if policy-makers are only informed by the catchphrase and not the definition, they will make bad policy.

I suspect policy-makers don't feel any need for a definition.

3
0
Silver badge

"the US Army Cyber Command operational attorney Robert Clark"

What the fuck does a fucking lawyer have to do with the army's computer security? Oh ... Never mind. He used the term "cyber" in supposedly serious commentary. He's a fucking idiot and can be summarily ignored.

"including deciding that “our cyber-security must be based on law or the [US] Constitution,” Clark said"

So he's pro revoking the obviously unconstitutional "patriot" act, then?

"Clark agrees, but said he can’t avoid using it, given his job description."

So he's only in it for the bucks, then? Isn't actually interested in making a difference? Typical cowardly political appointee slime-ball ...

1
8
Meh

Re: "the US Army Cyber Command operational attorney Robert Clark"

So by using potty-mouth talk to reinforce your point, and of course because of your own credentials in this field, I should ignore this person?

Why not say 'i think he's an f-in' idiot', etc. ? Then, back it up with sources that he is indeed.

Then i'll be possibly more inclined to agree with you.

Not that i'm saying that he is or isn't an authority in his field. Dunno, haven't read up on this guy. Just your language rubbed me the wrong way.

In general, lately most of the remarks posted here and on other articles are going nowhere beyond 'the Reg must be in cahoots with <supplier of gear>' and 'this guy must be in it for the money', etc.

Do try a bit harder to come up with something worthy of discussion, please?

Now, get off my lawn!

*grumpy*

4
1
Thumb Down

..so what WAS StuxNet if not a 'cyber-attack'?

No point telling us what StuxNet WASN't... setting aside the rights and wrongs of the need for the effort completely - if a deliberate, well planned, well funded, brilliantly coordinated, multi-front assault by one or more sovereign nations against extremely well protected, national security assets of another soveriegn nation does not qualify as a 'cyber-attack' just what the f$%k DOES?

Pray Tell elReg... because this article sure as hell doesn't (paint me extremely dissappointed - the reporting standards are slipping again)

4
0
Silver badge

Re: ..so what WAS StuxNet if not a 'cyber-attack'?

I think he's working with the 'single campaign does not a war make' philosophy. I've seen other real generals post similar thoughts. They may have concerns about how cyber operations affects an actual attack, but unless the cyber attack itself generates actual human casualties, it isn't an attack. They tend not to attempt to address the "if patients at a hospital die as a result of a coordinated/state planned malware attack, does they constitute casualties" question.

I'm wishy-washy on this point. I see and understand what they are saying, and agree to some extent, but also think the concept of a cyber attack is a useful one in other contexts. It may be a bit like the old justice's definition of porn, we might not be able to define it, but we'll know what it looks like after the first one happens. Until then, they are pre-cursors and not real cyber attacks.

1
0
Joke

Re: ..so what WAS StuxNet if not a 'cyber-attack'?

An internet hoax.

0
0
Big Brother

Cyber cold war?

Disinformation by the US? If StuxNet wasn't a cyber attack, then are we in in a cyber cold war of some sort at present? That how I'm read the situation.

No direct military action at present but nations are jockeying for an edge in a new strategic arena

2
0
Silver badge

Re: Cyber cold war? Where genius meets idiocy and decides IT can easily rule without crooked laws

Quite so, Beer_M0nster, but it must not be forgotten and always remembered that nations actually do nothing at all, and it is just individuals acting as if national/international/internetional authorities, which stick you with rules and regulations which ring the system in their favour ....... ergo is it a much more personalised intelligence head game in a field which IT makes real but which cannot be defended or employed by fools and fools' tools against significantly more intelligent virtual forces who would immediately recognise the desperation of cyber attacks against vapourware foes just to project in order to try and protect an untenable, intellectually bankrupt and artificially manufactured/media pimped and pumped lead position as one battles in vain against anonymous and invisible and therefore untouchable, ever increasingly superior odds stacked in pipelines and metadatabase centres/content management systems for the free share and use of smarter beings.

And the beautiful, remarkable stealth which allows everything to be placed into effective shadow control position, is that you cannot believe how stupid is Man and how much smarter are others who would share what you would need to be knowing to prevent Colony Collapse and Ignorant Mayhem

...... http://www.ur2die4.com/?p=2225

0
2
WTF?

Huh?

"ergo is it a much more personalised intelligence head game in a field which IT makes real but which cannot be defended or employed by fools and fools' tools against significantly more intelligent virtual forces who would immediately recognise the desperation of cyber attacks against vapourware foes just to project in order to try and protect an untenable, intellectually bankrupt and artificially manufactured/media pimped and pumped lead position as one battles in vain against anonymous and invisible and therefore untouchable, ever increasingly superior odds stacked in pipelines and metadatabase centres/content management systems for the free share and use of smarter beings."

Probably the longest "sentence" I've ever read; ever!

0
0
Silver badge
Paris Hilton

Re: Cyber cold war?

Quite so, Beer_M0nster, and from the phrase, "more precise definitions needed to invoke laws of armed conflicts", I take it Clarke wants to make it clear that "we" (US + allies) can do this to "them", but "they" are definitely not allowed to shoot back.

But, no worries, it seems Richard Clarke is outranked by Mikko Hyppönen now, I mean, with a job title like Dick's, and he only gets a stream speaker slot?

@DanDanDan... you READ amanfromMars 1's posts? Wow!

0
0
Silver badge
Megaphone

cyber = bollocks!

"cyber"- prefix, appended to words by people in positions of power in order to attempt to raise the fear or threat of danger in others equally lacking in understanding of the situation at hand.

Examples include, "cyber-terrorist", "cyber-activist", "cyber-war" and "cyber-threat".

0
0

Re: cyber = bollocks!

Yes, cyber-bollocks, cyber-fud, cyberrhea

but cyber-funding is what its all about

0
0
Silver badge

Re: cyber = bollocks!

Just be ready to grind up the wedding ring if the Cybermen come. Borg will get the court papers any day now.

0
0
Bronze badge
Facepalm

Never thought I'd come to hate the word "cyber"...

But there it is.

Funny thing is, in my teens I'd get saddened by the thought that we'd never get the Internet to be called "cyberspace" – but now that IT and security pundits can't stop their traps from blurting "cyber" every other second, I can't stand hearing it being called that. Guess we should really be careful with what we wish for...

0
0

our cyber-security must be based on law or the [US] Constitution,

How about:

our cyber-security must be based on law AND the [US] Constitution,

4
0
Facepalm

Is anyone dead from a cyber-attack yet?

Until someone dies because of a so-called 'cyber-attack,' this isn't cyber-war. That's my definition.

0
0
Stop

Steps required to prevent "cyber attacks"

1. Don't connect important stuff to the internet

2. Stuff that is connected to the internet, make sure you have a non-connected backup system (you know, like there used to be before the internet was invented)

3. That's it.

OK, so when there's an "attack" things happen a bit slower and more inconveniently but it's not going to hurt anyone.

And who cares if FaceTwitterTube+ goes offline. Oh, wait, the sheeple will have to face "real life" TM.

1
1
FAIL

Re: Steps required to prevent "cyber attacks"

Soooooo. How do you suggest we monitor or manage these important things? Dedicated Leased Lines?

0
0

Re: Steps required to prevent "cyber attacks"

How about... A human? It was not that uncommon to have humans check 'important things'.

I do understand - as a business you want to save money, so you find ways of keeping the company afloat while cutting the work force.

Then, you introduce these 'computers' as a replacement. But, if it's so critical to your business, why have it exposed in such a way that any script-kiddie could access that 'critical' device? Or do companies simply not think about the ramifications of having this accessible for people that are trying to do 'bad things'?

If that's the case, these decision-makers should be fired, and the companies supplying these insecure technologies should be pushed out of business.

Why would a local water reclamation company be making their filtration pumps accessible for the outside world?

The mind boggles.

On the other hand - a novel way of creating a whole new line of business, don't you think?

0
1
This topic is closed for new posts.

Forums