back to article USAF Colonel goes on the offensive with botnet destroyer plan

After watching the US military infrastructure get kicked around like a playground weakling, an Air Force colonel wants to strike back by building a massive botnet that would mount massive denial-of-service counterattacks on adversaries that attack US networks first. In a recently published article, Col. Charles W. Williamson …

COMMENTS

This topic is closed for new posts.
  1. Herby

    Why not destroy the 'bots'

    While it looks OK "on paper", the real objective is to "take out" that part of the machine that is the actual "bot" (the malware). The only problem with this action is that it will probably require some actual thought, which as the oxymoron "military intelligence" indicates is probably lacking. The whole process will most likely be outsourced anyway, probably overseas (where the problem started).

    Meet circular reasoning. (*SIGH*)

  2. Anonymous Coward
    Paris Hilton

    Col. Charles W. Williamson III is working on his future career

    With this level of ignorance and his ability to get promoted, he is obviously going into politics.

    God bless America

    Paris Hilton cos she's, well, ditsy like that. Bless.

  3. Steve Evans

    Oh gawd...

    So since the arms limitation treaties won't let him have any new bigger nukes to play with, he needs to find another huge weapon he can have that is bigger and better than the rest of the world. (Is it compulsory for all US military men to have micro-penises or do they have them done surgically to render them safe from female double agents?).

    So whilst the US of A declares war on 1,000,000 home PCs across the globe, anyone from outside the US of A will wonder why they seem to be having problems visiting any US hosted website as the pipes coming out are all clogged up with Uncle Sam's cyber-nuke fest.

    I'm sure the ISPs will love that!

  4. ZM
    Dead Vulture

    Oh, just do it...

    Frankly, I don't understand why we can't just kill those computers, anyway. Create an exploit that disables their network drivers and puts a message up on the screen saying "Hello, numbnuts, your computer's been hacked, please fix it." Or, heck, even just patch the exploit itself.

    Sure, it's a grey area, and some people have "ethical concerns" over whether it should be done or not, but frankly, if it can be done, it should. Fix them and move on.

  5. Alwyn Tan

    This reminds me of......

    http://en.wikipedia.org/wiki/Skynet_%28Terminator%29#Terminator_3

  6. lglethal Silver badge
    Coat

    Here's an idea

    Why not a massive bot net that attacked users machines and installed the latest versions of anti-virus and anti-malware software, and fixed all those exploits that allow virus and malware to take control.

    That way it could be viewed by the world less as an attack and more of a mass immunisation program. The world likes mass immunisation programs...

  7. Andy Bright
    Thumb Up

    I like it.

    "His proposal is one of the more hair-brained ideas to come along in a while."

    Then we should do it! But we certainly shouldn't stop there. Air strikes against the domiciles that house these computers is surely the next logical step?

    I like this guy's attitude. Why should we consider those who've willfully allowed their computer to become the unwitting tool of the enemy as innocents? Surely they deserve to be on the receiving end of nothing less than a good ol' fashioned Mounty tasering!

  8. John Watts

    Is it me?

    Why can't they just have their own private network that isn't connected to the Internet? I can never understand why anyone would connect anything important or critical to the internet in the first place!

    Yes it would be expensive but the military has never had a problem with pissing away money so I don't see it'd be a problem.

  9. Tim Brown
    Black Helicopters

    This is exactly...

    ...how Skynet began.

  10. Kristin McKechie
    Stop

    How long before...

    ... some script kiddie takes over the .mil.dork metwork and adds the good Colonels bot net to the already growing list of spam servers emanating from the good'ol US of A?

  11. ImaGnuber

    Sell Your MS Stock

    "He also argued that attacks on individuals whose computers are unwittingly hijacked by enemies would be justified since "there are real questions about whether the owner of that computer is truly innocent."

    So Microsoft ceases to exist?

    @ZM

    "Sure, it's a grey area, and some people have "ethical concerns" over whether it should be done or not, but frankly, if it can be done, it should. Fix them and move on."

    And how long do you think it would be before this started to slide over into examining the contents of computers in order to remove material considered inappropriate by the powers that happen to be at the moment ('dangerous' political opinion and networks or anything that happens to fall within an expanding 'extreme porn' definition, for example)?

  12. RW
    Linux

    @ ZM

    "Create an exploit that disables their network drivers and puts a message up on the screen saying "Hello, numbnuts, your computer's been hacked, please fix it." Or, heck, even just patch the exploit itself."

    Why not just install one of the friendlier flavors of Linux and be done with the vulnerabilities inherent in Windows?

  13. ZM
    Dead Vulture

    @ImaGnuber

    Perhaps, but since the only vulnerable machines are those who aren't kept up to date (obviously oversimplifying here), that would only be a problem for them.

    After all, with Windows Update, what says Microsoft can't do that, already?

  14. Anonymous Coward
    Thumb Down

    USA

    Useless

    Sods

    Again

  15. ben edwards

    af.mil

    Its all going to come from af.mil. Duh. Filter at the ISP level.

  16. storng.bare.durid
    Joke

    Zomg...

    Better check every single line of source and rebuild your systems now :)

  17. umacf24

    Is it just me .....

    1) I thought the point of a botnet was that it was distributed? If you have to pay for your own bandwidth they lose their appeal. If you just want to generate network traffic, Cisco can sell you a box that can outclass a Google datacentre of PCs.

    2) How can any amount of traffic knock out a PC on a home broadband? The difference between 512K and 8M is irrelevant for a modern PC. All you'll do is upset the ISP.

    Tosser.

  18. Anonymous Coward
    Anonymous Coward

    Air gap

    @John Watts

    Military and government networks that handle sufficiently sensitive traffic are required to have an air gap separating them from the Internet. (At least, they were a few years back, maybe they're allowed to use 'secure' VPNs these days, but I hope not). I'm sure some ElReg readers have worked in London colo centres where the MoD have kit - they're the ones in the cabinets locked with a keypad.

    @RW

    If you really think that Linux has zero vulnerabilities, may I recommend perusal of "The Ladybird Book of The Computer": http://tinyurl.com/5q2jb9

  19. Anonymous Coward
    Anonymous Coward

    How long befor..

    every single millitry IP is on all the ISP's block lists?

    And anyway, If they attack my PC like that (Not that is is a bot, but when has lack of target stopped the US.mil?) then they are guilty of a whole list of crimes. Or am I missing somthing (Apart from "well we dont give a f**k")?

  20. Peter Ford

    re: Is it me?

    > Why can't they just have their own private network that isn't connected

    > to the Internet?

    isn't that what the internet was designed to be in the first place?

    guess what the 'D' in DARPA means...

  21. Elmer Phud
    Black Helicopters

    All your base etc.

    Considering the ease at which US military machines seem get infected due to humans clicking on things isn't this just what military geeks in other parts of the world are waiting for?

    Let the U.S. military set up a bot farm to attack other bot farms then take it over. I guess it would be easier than trying to gain control of some of the Russian operated bot farms.

    " Damn cunning these Chinese, why didn't we think of that?"

  22. Timothy Slade
    Pirate

    folding@home?

    The USAF could probably save themselves some time and money by getting red-blooded, patriotic americans to volunteer their pcs for duty in this botnet - you willingly install a client, and when uncle sam needs to launch a massive DDoS attack, he can call upon every home pc in america...

    What's this guys email address, I want to suggest this to him (just for a laugh)...

    skull and crossbones, cos it's waaaay more attractive then paris hilton.

  23. Andy Shaw

    @Peter Ford

    Demented?

  24. Mark SPLINTER
    Stop

    fight fire with fire!

    News just in: American military guy sees problem. Decides to make bigger version of problem.

  25. Simon.W
    Stop

    The solution is much more simple...

    disconnect America from the Internet, watch spam levels drop by 70%-80%, at least, and allow af.mil to do whatever their paranoid arses want to do to their people; leaving rest of world+dog to get on with a sane life.

  26. Tom Farrar
    Pirate

    wah!

    It's not an awful idea, to be fair. Well, it is, but simply from a technical stand point - the idea of being able to defend your 'critical infrastructure' in timely manner is sound.

    Couple of problems really, which i don't think the good Col' and his researchers have thought of - firstly, a NIPS with the ability to send Gig's worth of data at a host is a terrible idea! Can you imagine the false positives, and the amount of hassle that will come with them? Secondly, who's infrastructure is going to carry these attacks? They can't believe it is okay to flood every peer on the way to Iran every time their NIPS identify a threat? Even if they do, do they realise that the run the real possibility of causing a DoS on themselves because of this? Say multiple threats attack them from multiple geographical locations, all a sudden their beasting every link out of the US; meaning Lt. Dan on patrol in Iraq can't relay critical information back to the US regarding a legitimate terrorist threat!

    The US would need to have a wide range of diverse locations around the world to make this work, and a system that doesn't blast countries off the face of the net. To be honest, unless they do it right they would be better off dropping a bomb on the offending host - it would cause less damage!!!!

  27. Nick L

    So what he's saying is ?

    > "there are real questions about whether the owner of that computer is truly innocent."

    So what he's saying is,

    "It will be necessary to destroy the IT village in order to save it"

  28. This post has been deleted by its author

  29. Hugh Fiske
    Paris Hilton

    Hair-brained

    Think you'll find that should be hare-brained.

    (I was hair-brained once before most of it fell out..)

    Paris cos she's got bald bits too, or so I'm told.

  30. Chris Cheale

    Sooo...

    If I was to control a botnet and I got all the infected clients to send out an attack at the US military via distributed anonymous proxies, or better yet through compromised clients within the US military network itself would I be able to get the US mil. to launch friendly fire attacks?

    Would this then leave me free to use the other half of the botnet to lauch further attacks at the US military?

    I clog their downstream and get them to clog their own upstream - bonus.

    mIRC at the ready, aim... FIRE!

  31. This post has been deleted by its author

  32. This post has been deleted by its author

  33. Steve Mann

    Errata Errata

    Acherly I think you'll find that's DODDOS.

  34. Anonymous Coward
    Pirate

    USAF should stick to their core competency

    Uh huh. This would be the same USAF that's currently running ridiculous, scaremongering, factually-challenged TV adverts which imply that your TV, telephone, internet, bank transactions, satnav and LOLcats could all be taken out by ONE missile knocking out ONE satellite, but fear not, we're here to save you from the threat!

    Or that they're protecting the nation from cyberattack, the Pentagon gets attacked millions of times daily (that much probably is true) and only the Air Force can protect us?

    Gimme a friggin' break. The server I look after gets attacked hundreds of times per day, and so far I haven't felt compelled to call in close air support for help.

    They should stick to what they know best, namely dropping ordnance on stuff from a great height. If they could start with the spammers and malware artists then they could claim to be saving us from cyber-threats and I'd believe it. :)

  35. Jesse
    Thumb Down

    encryption

    It would require minimal cost to encrypt at the reader. Then the number could be decrypted only at the credit agency when the bill is created.

    Just another example of the infrastructure not giving a damn about security.

  36. Jesse
    Thumb Down

    RE: Special Forces

    "Of course, putting a cruise missile into an exchange point (such as MEIX) would be pretty cost-effective, too."

    However politically ineffective...

  37. Elrond Hubbard
    Dead Vulture

    funny

    better than slaying a million iraqis..

  38. mtek
    Thumb Down

    ..right

    "Sure, it's a grey area, and some people have "ethical concerns" over whether it should be done or not, but frankly, if it can be done, it should. Fix them and move on."

    I assume this was some sort of dry humour or otherwise ludicrous joke.

    You advocate giving remote-access to systems owned by consumers to the government? in essence this is probably something they can already do, however opening the door for them is insane, you have even less privacy than you do already, not to mention this completely violates your rights to privacy of at least some nature - and who in the DOD would have access to this remote-"tool"? and the sign-off on it? hmm..

  39. Shinobi87
    Flame

    stoopids?

    this is a stupid idea. anyway isnt the whole point of botnet ddos attacks that say 100 machines in 100 differnt locations accross the globe say attack one machine/server/whatever. but his counter army will do what hit the first machine for 5 mins then swap onto the next and go through the list? it doesnt make much sense unless you can find out who is controlling the botnet and where from. in which case youd be better off to hack the server and send instructions to remove the bot then shoot the 16 year old hacker with a taser and send him to some horrible prision?

This topic is closed for new posts.

Other stories you might like