The 1980s Marine Corps doctrine of Maneuver Warfare (MW) heavily focused on the concept of “surfaces and gaps.” Marines, which largely defined themselves with frontal tactical and operational attacks against fortified sites in World War II maritime campaigns, would aim to move through existing weaknesses in the enemy’s line in future campaigns rather than creating them. Whatever the merits or demerits of MW, the concept has utility for explaining the nature of cyber threats that exist for most companies and organizations rather than exotic foreign cyberwar specialists or apocalyptic infrastructure-crashing attacks.
The Department of Homeland Security is warning that Anonymous is going to take to infrastructure attacks, and elements from the groups themselves are threatening to black out the Internet to protest copyright measures. While these may cause massive press attention (to the consternation of resident CTOVision hacker Bryan Halfpap), here’s a more realistic look at what Anonymous is actually doing:
Anonymous, a group not known for discipline, is giving itself a weekly deadline, a new attack every Friday. Following the Tuesday compromise of the website of tear gas maker Combined Systems, Inc., the Antisec wing of Anonymous struck a Federal Trade Commission webserver which hosts three FTC websites, business.ftc.gov, consumer.gov and ncpw.gov, the National Consumer Protection Week partnership website. …“We are already sitting on dozens of unreleased targets,” said an Antisec anon, who went on to describe an inventory of already compromised servers that could fill five months or more of #FFF releases. “Yes, each and every Friday we will be launching attacks… with the specific purpose of wiping as many corrupt corporate and government systems off our internet,” the anon continued.
Politically motivated hackers are, after all, looking to make political points. Most Internet users–including, government and private sector organizations–are not conversant in basic security procedures. Why go for spectacular attacks when there is simply so much low-hanging fruit lying around for doxing, defacing, and shutdowns? Or, to return to the metaphor at the beginning, why attack the fortress when one can move through the gaps in the wall? The hacks themselves admittedly are very basic stuff:
Anons claiming responsibility for the attack spoke to Wired.com in an online chat just as it happened, freely admitting that there was nothing technically remarkable in this hack. As one remarked, “own & rm and move on.” (rm being a unix command to delete data.)
As I wrote on the STRATFOR hack, despite the company’s tangential relationship to the actual Bradley Manning case, it got hacked anyway simply because it was a target of opportunity. There’s really a simple (conceptually) answer to the problem: harden the targets rather than buy into the threat of attacks–such as the laughable idea of crashing the Internet–that are more media trolling than anything else.