Tuesday, February 26, 2013

Zombies vs. 10GbE ICBMs as Internet Arsenals

This article was originally published in December of 2012 at 10GbE.net.


The image of hundreds of thousands of zombies attacking is scary, but then so is the image of a large city being vaporized by a purpose-built intercontinental nuclear warhead. When I say 10GbE ICBMs I'm loosely defining a new class of cyber weapon, crafted from COTS parts, that is purpose-built to deliver massive digital payloads across the web from a tightly managed, yet geographically dispersed, collection of launch platforms: an Internet Converged Binary Munition. It is the cyber warfare equivalent of our current arsenal of 450 Minuteman-III ICBMs spread across Wyoming, Montana & North Dakota. Yes, the US still has hundreds of ICBMs fueled up and ready to fly. Conversely, China is a big proponent of leveraging zombie bot networks, co-opted personal computers in homes, universities and businesses around the world, as its primary offensive weapon for industrial espionage and its cyber Cold War with the rest of the world.

The moral attitude of the United States, our culture, and a constitutional amendment prohibit us from adopting the zombie approach. Anyone familiar with battle understands that you rarely win because you have more soldiers, but that you win more often when the logistics are in place to support them. Individually, zombie bots have erratic performance, and as an army they are unpredictable because control is limited and access can easily be terminated by third parties (the owner, ISP or law enforcement). Also, the foundation of your zombie army is based on the theft of processing cycles, electricity and network bandwidth. Eventually most thefts are detected, prevented and reported. Furthermore, the Third Amendment to our Constitution bars the government from quartering soldiers, including digital ones and even remote physical ones, on private property. Personally, I find the whole concept of zombie bots amateurish and offensive.

In contrast, the US is exploring purpose-built cyber weapons platforms utilizing high-performance 10Gb Ethernet technology that can be well over 10,000 times more efficient, per link, than even the best zombies. Today millions of zombies are inhabiting people's home computers all around the world. As an example, in July the third largest zombie bot network, Grum, was taken off-line, and it contained 120,000 unique network addresses. This year the average US home internet speed is 7Mbps. ISPs as a rule throttle upload bandwidth to 1/10 that of download, so the average home has at best 0.75Mbps of outbound capacity available to a zombie. A single server using several multi-port 10GbE adapters could easily be built today using COTS (Commodity Off The Shelf) parts, and it could deliver a payload equivalent to 250,000 zombies. That's twice the size of the botnet mentioned above, all in a single tightly managed server, a logistical battle planner's dream weapon. Now imagine a few of these servers per rack, a few racks per ISP, and a dozen or so major ISP locations spread around the world, all for less than the purchase price of a single Joint Strike Fighter (cost $207M/each, and the US is buying 2,443). Cyber war is here, and DARPA is doing the R&D to ensure the US is prepared to win.

1 comment:

  1. Been using AVG protection for a couple of years, and I'd recommend this product to all of you.
