Am I the only one who thinks the so-called cyberwar between the United States and China is over-hyped? The cyberwar situation stems from the aircraft encounter in which a Chinese fighter jet and a US spy plane allegedly touched in midair. According to news reports, the Chinese pilot had to ditch his plane into the sea and is presumed dead. The US plane also suffered damaged but landed safely on a nearby Chinese island, where China confiscated the plane. The events angered Chinese hackers, who vowed to launch an all-out cyberwar against US Internet sites.
Several weeks have passed since the cyberwar events started to unfold, and certainly a lot of Web sites have suffered defacements during that time period—far more than in previous months. For example, I looked at the number of defacements recorded in Attrition.org's archives for March 2001 compared to the April and May 2001 archives. The number of Web site defacements has risen tremendously. According to the archives as of May 8, more than 700 Web site defacements have occurred already this month; the total number of defacements perpetrated in March was just less than 900.
If most of these Web site defacements are attributable to the so-called cyberwar, what is this cyberwar really accomplishing? Someone defaces a Web site and gets 15 seconds of fame; then the site operators secure the site and go on with day-to-day business with lessons well learned. Does this sound like a cyberwar to you?
In addition to Web site defacements, groups are also launching Distributed Denial of Service (DDoS) attacks against various networks. The National Infrastructure Protection Center (NIPC) recently issued an advisory reminding users about the potential for DDoS attacks in light of this alleged cyberwar. Be sure to check out the "DDoS Find" tool linked in the advisory—it can help you locate DDoS Trojans on your network.
But even with DDoS attacks involved, I fail to see how this situation can be called a cyberwar. War is about achieving goals in a violent manner of last resort; I fail to envision any goals that these attacks might accomplish other than to reveal thousands of systems that have become victims of DDoS Trojans.
Certainly, the defacements and DDoS attacks cost money to remedy, and that hurts the entities to some extent, but the only real difference I see between what's happening due to the alleged cyberwar and what happens any other day is an increase in the number of occurrences. Defacements and DDoS attacks happen almost every day, with or without a cyberwar.
If there is such a thing as a cyberwar, perhaps it's the battle among industry giants as they grasp for control over the digital world as a whole. Until next time, have a great week.
