Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

Summary: The U.S. is already in a war with a terrorist network. Leaderless cyberattack groups could ultimately pose a similar problem.

NEW YORK -- Former Department of Homeland Security chief Michael Chertoff said combating groups like LulzSec and Anonymous poses a unique problem for law enforcement because "the big challenge is attribution." However, it's possible that the U.S. government could find itself in a cyberwar with a network.

Chertoff, speaking in New York at a lunch hosted by Opera Solutions, an analytics company, gave a talk largely on cybersecurity. He noted that the U.S. needs to form a cyberattack doctrine that outlines all the nuances of attacks and various degrees of response.

The hardest part---given the high-profile attacks from leaderless groups---is finding the right actors involved. "Do we respond if we don't know who had bad intent, but can locate the server that is a weapon against us? Do we take out the server in real life or cyberspace? There's not going to be a clear line and we may take that server out in physical and cyber domains."

The big question in dealing with hacktivists is finding the line where an attack moves from a law enforcement issue to an act of war. Chertoff said that the government would be reluctant to respond to someone "defacing a Web site or stealing data even sensitive data." But a loss of life could turn an attack into an act of war.

One hypothetical scenario posed by Chertoff was an attack on air traffic control that led to the loss of life. "We are at war with a terrorist network today so we can be at war with a network. When attacks move from criminality to something that warrants a military response depends," he said. "This is going to be very fluid."

Chertoff's talk was notable because it opened the door to a point where a cyberattack could lead to a response to take out a server. Welcome to the new world.

Other key items from Chertoff:

  • Analytics will play a key role in security as the never-ending flow of data will be utilized by both the private sector and government in cooperation.
  • He said it was unclear whether the "huge rash of stories about cyberattacks" meant an "increased appetite for these type of intrusions" or just more attention paid to cybersecurity.
  • The government needs to create a doctrine on what would be an act of war in the event of a cyberattack. This doctrine would revolve around the following:

  1. Determining what attacks are most important and have degrees of response.
  2. Consider the vector of attack. Network attacks are the most common, but the supply chain may be more important, said Chertoff. "The big issue we have to be concerned about is the supply chain. The ability to check every chip is not practical. How ensure ourselves that we have hardware and software we can trust? We do need to manage the risk," he said.
  3. Dealing with all kinds of actors. What's the response against a hacktivist, a kid or government?

Talkback

27 comments
  • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

    All the government offices in United States should follow these recommendations to avoid cyber attacks:
    1) Use IPv6 instead of IPv4
    2) Use IEEE 802.1X authentication to authenticate all computers that are connecting to your network with wired or wireless connections (including mobile phones)
    3) To help protect IP packets from tampering (data modification) and interpretation (passive capturing) by intermediate or neighboring nodes, IP packets can be protected with Internet Protocol security (IPsec)
    4) Use IEEE 802.1AE (MACsec). This standard specifies a set of protocols to meet the security requirements for protecting data traversing Ethernet LANs. This norm assures incomplete network operations by identifying unauthorized actions on a LAN and preventing communication from them.
    MACsec allows unauthorised LAN connections to be identified and excluded from communication within the network. In common with IPsec and SSL, MACsec defines a security infrastructure to provide data confidentiality, data integrity and data origin authentication. By assuring that a frame comes from the station that claimed to send it, MACSec can mitigate attacks on Layer 2 protocols.
    Gabriel Hernandez
    • The game has changed my friend

      @Gabriel Hernandez

      Hackers don't bother trying to find network based weaknesses to gain access to the internal network - they just send a phishing email and use social engineering to do it. Once they're on the inside they elevate privileges and find the data they're looking for, open an outward connection to an internet host and send out the data (encrypted of course).

      Not saying the stuff you mentioned isn't worth doing (though IPv6 has more than its fair share of issues), but I don't think it would prevent the sort of high profile hacking attacks we're seeing these days.
      iTeaBoy
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @Gabriel Hernandez

      1. IPv6 won't make you any safer. Software exploits are software exploits regardless of how it's delivered. http://en.wikipedia.org/wiki/OSI_model Completely separate layer.

      2. Is a good suggestion in general, and is required for classified data. However, when you exploit an application, you're looking at a buffer overflow or something of that nature, which is again not at that layer. When you need to convey something to the public you need a way for someone to get to that network, so really this isn't applicable in many cases. Like in the case of the senate's website... That's something the public must be able to access, so IPSec won't change anything.

      3. Again, most of these exploits happen on the outside portion of your network. Once you gain control of a device on the network, you will be authenticated on that network. Packet spoofing usually has little to do with these outside exploits because most modern kernels detect packet spoofing. Usually the problem is in an application on the system, like the webserver software or the DNS server software.

      These attacks are on machines that must be accessible from the outside. All of your suggestions (with the exception of #1, which is irrelevant) are good for the internal network, but have no effect on the operation of a webserver...
      snoop0x7b
  • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

    IMHO Governments of the West have taken cybersecurity too lightly. Being connected 24/7 is the reality of US business nowadays. How close to war is it when political movement, criminal gang, or nation state(s) probes our IT infrastructure through hacking and/or malware attacks, to find exploitable weaknesses that stop this country carrying out its legitimate businesses?
    This IS the new cold war and governments must be prepared.
    Agnostic_OS
  • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

    Everyone should just use Macs or Linux because they're invincible.

    Fact.
    OffsideInVancouver
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @OffsideInVancouver

      LOL, ur going to get so much flak over this obviously blatant jab at the crazy *nix users out there. I love Linux, but it's not invincible. Any good tech geek knows no OS is invincible.
      KBot
      • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

        @KBot

        Indeed! Those Lulzsec "dumps" are so familiar to this 'Nix sysadmin...
        dalecosp
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @OffsideInVancouver

      You sir, are a troll.
      josh92
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @OffsideInVancouver

      BS. Rootkit.
      puterami@...
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @OffsideInVancouver That's sad - Fact.
      ItsTheBottomLine
  • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

    LulzSec and Anonymous are doing a lot of damage. They are going to make Big Brother even stronger. This is just like 9/11 where the government used 9/11 as the rationalization to take away more of our liberties by enacting the Patriot Act. This lawlessness by these hackers will bring about similarly radical actions by the government which will again take away more of our liberties. But I take solace in the thought that once Big Brother gets too powerful and people finally realize they are living in a police state, then coding will become commonplace and every tom, dick and harry will become a hacker and everyone will be fighting to bring down the corrupt and selfish and voracious government.
    josh92
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      He needs dark sunglasses...
      (Agent Smith:) "MISTER Anderson..."
      voltrarian
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @josh92

      Kinda coincides with gun control... when guns are outlawed, only outlaws will have guns. When coding is outlawed, only outlaws will code.
      jdeathe@...
  • Michael Chertoff is an Idiot

    This is the guy who says that regularly being exposed to ionizing radiation is perfectly safe. He has absolutely NO CREDIBILITY, in my opinion.
    prwexler@...
    • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

      @prwexler@... He also looks really creepy and sinister in his photos... like a pedophile or something.
      snoop0x7b
  • F U

    We should dismantle the DHS ASAP. It is a security theater and a money black hole.
    Tommy S.
    • agreed

      @Tommy S. black hole indeed, it's sucked up our freedom and dignity along with all that money.
      pgit
  • Skeletor!

    I'd wondered where he went. So he's put on a suit and tie and tried to go 'respectable,' eh? Someone should have told him DHS is exactly the wrong place for that...
    pgit
  • RE: Former DHS chief Chertoff: LulzSec, Anonymous pose big challenges

    And just think, a few short years ago Mr. Chertoff didn't even know what an email was.
    ITOdeed
  • war?

    > But a loss of life could turn an attack into an act of war.

    Why should the severity of the action change it from a "crime" to an "act of war"? That might lead us to attacking an entire nation for the actions of a few, thus punishing millions of people based on happenstance of geography alone. I would prefer that we apply the rule of law and only punish those who are guilty. Otherwise you go down a path that can lead to the death of thousands of innocent people and wasting of billions of dollars. Does any of this sound familiar?

    gary
    gdstark13