This
story appeared on Network World Fusion at
http://www.nwfusion.com/columnists/2001/0416bradner.html
'Net
Insider:
Part way down a
slippery slope
By
Scott Bradner
Network World, 04/16/2001
It's
long been rumored that some governments have sponsored research programs in
cyberterrorism with the aim to disrupt networks and network-based services of
enemies.
Now it seems some governments don't want to wait and may be
ready to use cyberterrorism weapons against some tiny targets today. According
to Spiegel Online, Germany's Minister of the Interior Otto Schily has floated
the idea of using state-sponsored cyberterrorism against non-German Web sites
that Germany considers illegal. Minster Schily seems to have in mind using
denial-of-service (DoS) attacks against U.S.-based Nazi Web sites.
(An
aside: I used Google's language translation service at www.google.com to try to
read the Spiegel Online article. I couldn't find a simple 'translate this URL'
command, so I had to fake a URL that invoked the translation service with the
URL that I wanted translated. I used the string
http://translate.google.com/translate?hl=en&sl=de&u= followed by the
URL. The output would not have gotten me a good grade in the last German
language class I had, but I could mostly understand what was written. The
translation had a few funnies, such as translating "American
Constitution" as "American condition," but did a better job than
I could have these many years after failing German at Boston University.)
Schily
seems to ignore or dismiss some issues that are relevant. There is a minor
question of violating the sovereignty of another nation as well as Germany's
own anticyberterrorism laws. There is the precedent that would be established -
Germany could quickly find its own network under attack based on any number of
imagined violations of local laws.
Would this stance justify an attack
on the German banking system just because charging interest is against the law
in some countries? How selective would the German tools be? If an official
German DoS attack disrupted a legal site under German law, would that be seen
as unavoidable collateral damage? Would a U.S. ISP that protects its
infrastructure against a German DoS attack face charges of aiding an enemy in
Germany?
As DoS protection technologies improve, Germany would have
to develop better attacks to keep even. How could the country be sure its new
attack technology wouldn't be analyzed and used against German targets? The
attitude seems sort of like wanting to use chemical or biological weapons while
assuming your own population can refrain from breathing for a few weeks.
This
is a really bad idea. I trust people in Germany who are somewhat more in tune
with international law and can see more than 3 minutes into the future will put
a stop to it.
Disclaimer: Luckily, for every person at Harvard that
has a really bad idea, there are more than a few to recognize it for what it
is, but I've not consulted either for this column.
All contents
copyright 1995-2002 Network World, Inc. http://www.nwfusion.com