Two years and 100 mln dollars buys winning cyber army

A computer specialist has laid out blueprints for building a cyber army capable of crashing through US defenses
People attend a conference on cyber security. A computer espionage specialist has laid out blueprints for building a cyber army capable of crashing through US defenses. Readying an unstoppable Internet invasion would take two years and a total of 100 million dollars, according to Charlie Miller, who spent five years with the US National Security Agency under then-director Michael Hayden.

A computer espionage specialist has laid out blueprints for building a cyber army capable of crashing through US defenses.

Readying an unstoppable Internet invasion would take two years and a total of 100 million dollars, according to Charlie Miller, who spent five years with the US National Security Agency under then-director Michael Hayden.

Now a researcher with Baltimore-based Independent Security Evaluators, Miller on Saturday shared his battle plan with hackers at a DefCon gathering in Las Vegas.

"I pretended asked me to scope out the job of orchestrating a on the United States," Miller told AFP. "I lay it out as I would do it realistically."

Miller explained that he had actually been asked by the Cooperative Cyber Defence Centre of Excellence in Estonia to play general in the theoretical attack scenario.

He shared his results at a NATO briefing in that country in June.

"I already knew it was easy, but now I know in detail how easy it would be," said. "We are certainly very vulnerable."

Miller described the 100-million-dollar price tag as a bargain compared to how much money is spent on .

He crafted a broad strategy to target smart grids, banks, communications and all other aspects of a nation's .

The cyber army would number about a thousand soldiers ranging from elite computer commandos to basic college trained geeks, according to the plan.

A key to success was stealthily breaching networks and establishing beachheads in computer systems during the two years before the main cyber invasion.

"Once you give me two years to get set up you are basically screwed," Miller said. "But, during the two years you have the opportunity to see what is going on and stop it before it gets going."

Miller determined that single targets, such as stock market or , could be attacked much more economically.

North Korea was used in the war scenario on the premise that it has a tactical advantage in being so behind the technology times that crashing the entire global internet would leave it unscathed.

North Korea was also seen as unconstrained by alliances or friendships with other countries with more to lose in an Internet Armageddon.

"It could be anyone attacking anyone, but North Korea has an advantage," he said of his winning cyber battle plan.

"Some countries could already be in position. We can chose to limit our dependency on the Internet, which isn't realistic, or do our best to detect it and use politics to prevent it."

Miller took solace in the belief that some of the top computer experts needed to execute his plan would likely refuse to cooperate out of patriotism, morality, or plain fear.

"They might be scared you are going to kill them," Miller said. "It's a realistic thing to think about."

National Security Corporation president Mark Harding recalled graduating from officers school in the Navy having completed a thesis on how unprepared the country's military is for cyber war.

"There are people I know who have indicated they can take the entire Internet down and they can," Harding said.

"But, they don't because they believe in doing no damage and not taking anything that isn't theirs. It's when you lack a skill set of morality and discipline when you end up on the dark side."


• PhysOrg.com iPhone / iPad Apps
PhysOrg.com Audio Podcasts / iTunes
• PhysOrg.com Android apps (new version available)
Join PhysOrg.com on Facebook!
Follow PhysOrg.com on Twitter!

Explore further

Pentagon says military response to cyber attack possible

(c) 2010 AFP

Citation: Two years and 100 mln dollars buys winning cyber army (2010, August 1) retrieved 17 July 2019 from https://phys.org/news/2010-08-years-mln-dollars-cyber-army.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.
0 shares

Feedback to editors

User comments

Aug 02, 2010
So all our well funded computer security is just a twenty-first century cyber-Maginot Line?

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more