Warning: Cannot modify header information - headers already sent by (output started at /home/content/30/8410730/html/index.php:2) in /home/content/30/8410730/html/wp-includes/feed-rss2.php on line 8
The Orlando Doctrine » Weaponization http://orlandodoctrine.com The Network Use of Force Continuum Wed, 28 Jan 2015 18:40:21 +0000 en-US hourly 1 https://wordpress.org/?v=4.1.33 China’s strategy: infowar, poliwar, lawfare http://orlandodoctrine.com/?p=296 http://orlandodoctrine.com/?p=296#comments Fri, 11 Apr 2014 11:29:43 +0000 http://orlandodoctrine.com/?p=296 Deceive spectrum activity at its finest. It doesn’t have to be all political, after all. So China makes dubious legal claims, convinces people that they are real by creating media illusion, and creating political discontent. This is not new, but apparently the west never gave it any great strategic thought…

Bet we haven’t given any serious thought to economic warfare, either. Economics 101 taught me that communism places the means of production in the hands of the people… What if those people are all in China?


http://orlandodoctrine.com/?feed=rss2&p=296 0
Destroy: Assassination by hacking an automobile – Richard Clarke suggests its been done. http://orlandodoctrine.com/?p=293 http://orlandodoctrine.com/?p=293#comments Sun, 02 Feb 2014 22:49:36 +0000 http://orlandodoctrine.com/?p=293 Ok, so where to begin?

Look we all know that hacking is serious now. Control systems hacks are the in thing at the moment, and what is cooler than hacking a 2000 pound mountain of steel and plastic that can barrel down the road at 100 miles per hour? They did it in SnowCrash, and Shadowrun, after all. The singularity must be nigh, right?

This article in the Daily Record suggests that the death of the journalist who exposed General McChrystal was engineered, per Richard Clarke. Now, I’m not generally the kind of guy who believes in ghost stories. Spooks in the wire are the kind of scary tales that con-goers hear each time they show up at B-Sides, heck, I use those kinds of stories to my advantage all of the time. I imagine it could happen, I know its possible. We saw Charlie Miller’s laptop demo on the Prius last year. So we all know its possible. But the idea that its being done actively feels like security theater. It feels like:

We’re going to take out journalists boys… Lets use an enormously advanced hack that will leave a lot more evidence and exposure to scrutiny, instead of simply screwing with his brakes, it will be good practice.


So, this is the ultimate Destroy attack. Assassination by computer. At least according to supposition from a former White House advisor. What do you think? Is this the next step in the “cyber-arms race?” Or, is it just speculation to sell newspapers?

http://orlandodoctrine.com/?feed=rss2&p=293 0
Military Budget limits cyber weapons proliferation, except in legitimate BUSINESS SELF-DEFENSE http://orlandodoctrine.com/?p=291 http://orlandodoctrine.com/?p=291#comments Thu, 23 Jan 2014 06:41:59 +0000 http://orlandodoctrine.com/?p=291 The Verge reports that the Defense spending bill signed by President Obama back in December, offers funds to help reduce the sale and spread of exploits. The article then uses the term legitimate self-defense, as a valid reason to allow these exploits to continue to be traded. Is this something specific to DIB companies? Is there counter attack from small companies in the future? Can I hire licensed, armed cybersecurity guards, yet?

The $552 billion 2014 military defense budget signed by President Barack Obama will continue to fund high-tech cyber and unmanned aircraft operations. The budget, which grants central Cyber Command $68 million in operational costs alongside more money for research and individual unit operations, instructs agencies to work towards controlling the proliferation of “cyber weapons.” That means stopping the sale or spread of malicious code for “criminal, terrorist, or military activities” while allowing governments and businesses to use it for “legitimate” self-defense.

The Verge – US military sees more drones, ‘cyber weapon’ non-proliferation in the future

http://orlandodoctrine.com/?feed=rss2&p=291 0
Claims that cyberspace is now cyberbattlefield http://orlandodoctrine.com/?p=272 http://orlandodoctrine.com/?p=272#comments Tue, 12 Nov 2013 12:46:49 +0000 http://orlandodoctrine.com/?p=272 http://resources.infosecinstitute.com/classified-nsa-exploit-tools-radon-dewsweeper-work/

From the article:

Security expert Bruce Schneier is one of the most authoritative experts who revealed that the NSA has a wide-ranging arsenal of zero-day exploits to use for cyber operations. The revelation isn’t surprising, the security community is aware of the great effort spent by governments on cyber operations. Many intelligence agencies have created dedicated internal units, specialized in hacking for sabotage and cyber espionage. Almost every government is improving its cyber capabilities, in many cases they’re working in the development of cyber weapons.

The article goes on to describe two alleged NSA tools, one using RF to communicate. So, my question is:

Does a government data collection / espionage activity, even one that that has the ability to become malicious, rise to the level of warfare? Espionage is not war. Thats why the US sent a Russian supermodel packing a few years ago, rather than fire missiles on Moscow, back before Anna Chapman appeared in Playboy, or proclaimed her love for Snowden.

Lets be clear, espionage is not war.

But maybe its preparation for it. Right, China, Russia, Israel, DPRK, UK, FRG, Australia, Brazil?

http://orlandodoctrine.com/?feed=rss2&p=272 5
Cyber mass shooter http://orlandodoctrine.com/?p=264 http://orlandodoctrine.com/?p=264#comments Fri, 04 Oct 2013 17:02:03 +0000 http://orlandodoctrine.com/?p=264 http://p.washingtontimes.com/news/2013/oct/3/cyber-mass-shooter-poses-future-threat-computer-se/

What a great article. Of course General Hayden’s comments beg the question, how do you stop a criminal, if you can’t defend yourself? This really goes directly to the need to be able to respond to an immediate threat with a proportional use of force in self-defense. Of course, some will argue that it is illegal, and some will say that it invites retaliation, and others will continue the attribution arguments. I will point to the Network Use of Force Continuum, which indicates that if you are not appropriately defending your networks, then it is difficult to justify a more aggressive form of self defense.

From the article:

The fastest-growing cyber threat is from a kind of digital mass shooter, a deranged or outraged hacker able to obtain cyberweapons currently available only to nation-states and organized crime, a former senior U.S. intelligence official said Thursday.

“They’re just mad, they’re mad at the world,” said retired Air ForceGen. Michael Hayden. “They may have demands that you or I cannot understand.”

Mr. Hayden warned that within five years hackers “will acquire the [cyberattack] capabilities that we now associate with criminal gangs or nation states,” such as being able to conduct online sabotage of industrial control systems that run power plants, factories and utilities.

Thanks General Hayden! You set them up and we’ll keeping knocking them down, sir.

http://orlandodoctrine.com/?feed=rss2&p=264 1
Spat between two Dutch companies sparks record-breaking 300Gbps DDoS attack – Yahoo! News http://orlandodoctrine.com/?p=243 http://orlandodoctrine.com/?p=243#comments Thu, 28 Mar 2013 16:30:28 +0000 http://orlandodoctrine.com/?p=243 Spat between two Dutch companies sparks record-breaking 300Gbps DDoS attack – Yahoo! News.

So, Spamhaus blacklists a hosting company, then Spamhaus gets hit by 300 GBPS of DDOS action. Looks like for Cyberbunker, there was immediacy, and there was a proportional response in the Disrupt spectrum, at least if Cyberbunker is doing it.

Why proportional? The blacklisting would have disrupted the business of Cyberbunker.

What do you think?

http://orlandodoctrine.com/?feed=rss2&p=243 0
Is Mobile the Next Frontier in Network Weaponization? http://orlandodoctrine.com/?p=172 http://orlandodoctrine.com/?p=172#comments Thu, 10 Jan 2013 14:50:19 +0000 http://orlandodoctrine.com/?p=172 While it would take thousands of smartphones to equal the attack volume of compromised servers used in the latest bank attacks, such large-scale DDoS are not in the majority…

With mobile devices, the attack could theoretically come from thousands of compromised devices in the same region or country as a bank’s customers, making it difficult for the bank to divert traffic without disrupting service.

via Mobile devices set to become next DDoS attack tool – CSO Online – Security and Risk.

http://orlandodoctrine.com/?feed=rss2&p=172 0