Other potential targets – Border Gateway Routing (BGP) prefix hijack

Cyber warriors will attempt to sabotage the backbone of the Web which includes attacking the BGP. The BGP according to leading security experts is one of the most vulnerable access points on the web. The BGP is a core routing protocol which maps routing options for the best (i.e. shortest path) available routes for traffic to flow across the Internet. There have been two instances in 2010 where bad routing information sourced from China has disrupted the Internet. About 10 per cent of the Internet was affected by bad routing tables – in effect about 36,000 global networks were affected. This BGP routing error caused dropped connections, and most worryingly of all, Internet traffic to be re-routed through China.


Software and technology outsourcing
Many Western countries have over the years outsourced their IT and technology overseas, mainly to cut development costs. This has inadvertently led to some security researchers to speculate that there is a significant risk of Western businesses selling compromised technology/software back to governments and customers alike. The western military for example doesn’t have restrictions concerning where computer chips are made so it’s conceivable that malicious code such as logic bombs and trap doors may well be embedded in the millions of lines of outsourced computer code.

Microsoft software development doesn’t just happen in the US; it is in fact developed all over the world and on many different development servers. The US Department of Defense uses Microsoft Windows so you can identify the potential opportunities the cyber criminals and cyber warriors will see. The obvious risks of having the Windows source code distributed all over the world leaves the code open to trap doors and other malicious activity. It’s very difficult to control and manage millions of lines of code – if the code couldn’t be exploited, why do Microsoft release monthly security patches? The answer here (and I’m sure the US government agrees) is to keep the Windows source code in the US domain and under total US control.


Cyber weapons – what would be considered an act of war?
Most cyber weapons are only going to be designed to be used once. If these weapons are used more than once, then the cyber defenders will be able to detect them and apply the appropriate research to be able to defend against the same family of cyber weapons. Some nation-states (mentioned earlier) have the capability to strike at other nation-states to launch sophisticated cyber attacks to DDOS the stock market, activate logic bombs to ground the airlines and disable the transport and electricity grid.

If you were to take the US, the fact they are probably the most digitally connected country in the world (militarily at least), the prospect of the US provoking a cyber war wouldn’t be a clever plan. The other big problem facing a cyber war is who ever goes first will undoubtedly stand a better chance of winning. China for example could strike the US with an all out cyber attack and then disconnect itself from the rest of cyberspace.

So, what constitutes an act of war? It’s difficult to determine because there are so many attack vectors (which are common today and happening right now) that haven’t provoked a cyber war. Is it the penetration of a network? Is it sabotage of a network? Is it when a military network has had classified government documents stolen? What are the stages for cyber war? Let’s assume the malicious code has been planted and propagates across the network – the code isn’t activated yet, but when it is – is this an act of war? Who decides whether this is an act of war? There are lots of questions and not many answers right now.

Source of Information :  Hakin9 November 2010