back to article White House cyber-general says US must be able to cyber-nuke the worst of the cyber-worst

The US government must hone its offensive capabilities to electronically attack those who menace America's interests, said the White House's Cybersecurity Coordinator Michael Daniel, quickly adding global ground rules for cyber-war have to be worked out first. On April 1, President Obama signed an executive order that would …

  1. Chris Gray 1

    Be very afraid...

    This sort of thing is getting uncomfortably close to the US government requiring that manufacturers put methods into all products that allow the US to remotely, and without control by the user, stop or alter the use of the product.

    The products can be hardware, software, firmware, maybe even wetware!

    1. Anonymous Coward
      Anonymous Coward

      Re: Be very afraid...

      The Chinese make virtually everything shipped to the US, I think it's the US that should be very afraid.

    2. 7below

      Re: Be very afraid...

      Afraid? Not at all. Consumers do have other options, right? Even for the locals they‘ll buy Chinese made. And when that happen ...?

  2. Spaceman Spiff

    The inmates are running the asylum! What an idiot! One has to presume that he has never heard of the law of unintended consequences... Or maybe they are intended?

    1. GrumpyOldBloke

      Michael Daniel is the unintended consequence. A general concern for the well being of the nation devolves into a catchall for every nut job who likes pulling the legs off frogs and sharing other peoples nuddie picks. Michael has not even constrained himself to national security or the law but uses the suitably oblique - America's interests. Anyone who demands more power based upon the worst-of-the-worst argument should also be barred from office as we all know where that foot in the door strategy leads - and there it is; "the goal is to create 'norms of behavior'".

      On the plus side his analogy with Underwriters Laboratories and pooling resources to improve products is sound. I would like to see the tech world pool resources to help improve government. Perhaps by employing strong encryption in all communications products and storage assemblies, fixing vulnerable hardware interfaces like USB and having OS's report on unexpected changes in hardware and software configuration. Ethics and a reluctance to support projects which are clearly unconstitutional or not in America's interests would also be a positive step.

      1. Paul Crawford Silver badge

        +1 for that.

        Really, the note about UL is the only sane thing but it misses the point - there is a need for standards of software/systems not being shitty that are legally enforced. If your kit fails the UL standards then AFIK you can't sell it in the USA/Canada and if you do you can be prosecuted.

        We need something similar for software: a requirement that best-practice (e.g. MISRA coding standards, etc) is used when writing it and the security aspect is properly considered, and finally that timely bug-fixes are provided for free (i.e. covered by the intial sales cost) and are practical to install for 5 years or so after the product family is last sold. Some legal stick is also needed, e.g. making the supplier liable for the consequences if not patched effectively after say 30 days of a vulnerability being reported, and obstructing security testing/auditing of your products to be illegal.

        Yes, I know that costs money to do, but if it is a requirement on ALL businesses then doing it right is no longer a cost-penalty compared to the shitty state we currently see.

  3. Gray

    Hard on the heels of success ...

    "The CISPA and CISA legislation that has some people worried will come to a vote this week, and he said the word in the White House is that both will pass without a problem.

    Of course both will pass! Our glorious Congress passed the Patriot Act, and set up the FISA Court, and we've basked in the glory and success of both those achievements!

    Consider the fruits of American intelligence gathering and pin-point military involvement: Iraq and Afghanistan are stabilized and prosperous, Syria has seen the light and adopted a Constitutional government, Iran and Saudi Arabia are consulting together on the first wave of free elections in both countries; Somalia has been accepted in the United Nations, and Yemen is hosting peace talks between Israel and the newly-mandated Palestinian state. All terror threats against the United States, and indeed, the Free World, have ceased to exist!

    Now, concerning that encrypted and unregistered computer sitting on your desk ...

  4. Mark 85

    MAD is back....

    This may be intended as a good thing and it might work (slim chance at best) to at least slow down the amount of state sponsored activity. Two things bother me with this.... no definition of what would trigger such a response. Another SONY type attack? And there's the "leaving the ordinary criminals alone" message...

  5. Bob Dole (tm)

    : /

    Sometimes I really really don't like my government.

  6. Blofeld's Cat

    Well that's all right then ...

    "... This is not a tool that's going to be used on a daily basis for ordinary criminals ..."

    Of course not. No public servant would ever dream of using this capability for something trivial, any more than it would ever be used by "ordinary criminals"...

    1. Robert Helpmann??

      Re: Well that's all right then ...

      This is not a tool that's going to be used on a daily basis for ordinary criminals, but to allow us to go after the worst of the worst...", trying unsuccessfully to distance himself from previous efforts by various three letter agencies. It will be used on a daily basis. It will be used against ordinary criminals. It might not be used against ordinary criminals on a daily basis, but I would not bet against it.

      We waged war on poverty, drugs and terror. It looks as though we are starting a war on electrons.

      1. Mark 85

        Re: Well that's all right then ...

        You forgot the "War on Sanity". The politicians are winning and Sanity is losing. So.. SUCCESS!!!! They won one!!!!

  7. Schultz

    He point might be taken seriously...

    ... if the US government still had any credibility in the field of cybersecurity, building an open net, protecting diversity and freedom of opinion, ... As it stands, his statements are just some more noise in the propaganda war for controlling the internet of everything.

  8. Anonymous Coward

    I can suggest a target for him. Actually three. 1) NSA, 2) NSA, 3) themselves.

  9. Destroy All Monsters Silver badge

    Bad guys, good guys

    "We need to have a larger toolset to go after what the bad guys are doing"

    Infantile america, to the bitter end. Is it the fluorine in the water?

    1. Mark 85

      Re: Bad guys, good guys

      That would be fluoride, not fluorine. However, I think in this case it's two things... inbreeding in our political types and also the American Ethos of "When in doubt, use a bigger hammer".

  10. h4rm0ny

    "Bad Guys"

    You keep using those words. I do not think they mean what you think they mean.

  11. Ken Hagan Gold badge

    He's been watching too many movies

    I'd like to see how he proposes to cyber-nuke an air gap.

  12. amanfromMars 1 Silver badge

    Get with the Program. Simply Buy into IT for a Share, Uncle Sam. IT aint Rocket Science

    But in the long term, if the US is to actively go after miscreants online, then it's going to need international cooperation, Daniel said. The goal is to create "norms of behavior" for nation states online in reacting to such threats.

    The following, earlier shared here freely with El Regers on the Register program and/or project, is the norm of behaviour for nations states and non state actors, Mr. White House's Cybersecurity Coordinator Michael Daniel? ...........

    Disagree if you will, but the truth of the virtual reality of it and Advanced IntelAIgent Command and Control of IT does not alter the fact nor hinder Ab Fab Fabless Progress ...... Stealthy Immaculate Service.

  13. Evil Auditor Silver badge

    Another point of view

    The White House wants its own cyber-terrorist group.

    1. amanfromMars 1 Silver badge

      Re: Another point of view

      The White House wants its own cyber-terrorist group. .... Evil Auditor

      Quite a revolutionary and very lucrative opportunity for that which, and or those who can provide the unique overwhelming source that renders any kind of real and/or dynamic and/or kinetic force obsolete and counter-productive and self-destructive, Evil Auditor.

      Is there already a valid POC at the crazy White House where one can engage in negotiating for delivery of product for present and future placement of programs? Or are they happy to have outsourced provision from especial relationships from secret vendors via their chunnels?

  14. Christoph
    Black Helicopters

    False flag

    The problem is to reliably identify the attacker.

    If you want to damage a country, plant malware on its computers that will make them attack the US, and the US will obligingly respond.

    Anyone could do this, another country, a blackmailer, or one of these teenagers who delight in getting strangers' houses visited by a SWAT team. Get a whole country SWATted - what bragging rights!

    But the most likely attacker, and the one with the most skills to bring it off and avoid notice, is of course the USA. Any country which has oil or other resources that the US wants, or that thinks that having a democratic government means acting in the interests of their own citizens rather than in the interests of the USA, will have its computers taken over by the NSA and used to attack US computers, giving an excuse (as if one were needed!) for a 'retaliatory' attack.

    1. Anonymous Coward
      Anonymous Coward

      Re: False flag

      And when have facts or evidence even been needed for states to do whatever they want to do? They simply give some reasoning for what they want to do and tell us we cannot see the actual evidence as that is a matter of national security. Or they just invent and sex-up evidence to 'prove' whatever they want proven.

      Remember when Cameron was in the commons trying to get us to arm and fight on behalf of ISIL?

  15. Graham Marsden

    'The goal is to create "norms of behavior" for nation states'

    In other words: "Do what *we* like, or else!"

  16. strum

    Worst of the worst

    Nobody could possibly disagree with going "after the worst of the worst" - but laws don't have clauses saying "this only applies to really nasty people". They apply to everyone, and history tells us that law enforcers enforce when they can, rather than when they should.

  17. Anonymous Coward
    Anonymous Coward

    "the US also needs ways to terminate enemies online"

    Like that'll work, alls they gotta do is hit the reset button and they're back in business just like in online games.

  18. W. Anderson

    brave talk with muscle

    All this bluster and bravado from Michael Daniels, President Obama's Cyber security advisor , about "global" Cyber security rules and standards means diddly-squat if other large and very powerful technology countries like China, Japan and Russia for example, do not agree or go along

    with any "American" mandated policies, procdures or hollow threats.

    But even before such universal moves, The USA must contend with it's exorbitant national appetite and dependence on software technologies that are globally deemed and have proven unequivocally to be absurdly insecure and unreliable to an extreme degree. The treasure trove of Cyber intrusions against US companies in recent years - for Home Depot, Marshalls, Neiman Marcus, UPS, US Government departments and countess others can be attributed primarily to weaknesses and poorly designed infrastructure of Microsoft Windows software, to the tune of trillions of dollars of economic losses for US economy.

    President Obama and his "Cyber" team are ill informed as the depth of this problem for the country, especially since the might and political influence of Microsoft prevents their true learning experience and any pertinent knowledge gained to any relevant level, and the administration is too cozy with Silicon Valley behemoths as to alloy any objective and abstract evaluations that make sense.

    Great concept of international Cyber security cooperation and standards, but still a naive pipe dream, particularly given the revelations of USA NSA unscrupulous Cyber snooping on "close allies and their heads of state" and on millions of innocent citizens and children in non-threatening, developed democratic countries as well.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like