8/7/2019 The use of protracted peoples war in internet warfare_N_

1/2

: :

N

N

| |

The use of protracted peoples war i n internet warfare2010-12-24 17:18

Sihan Zheng

I would like to discuss a new method of conducting internet warfare. It is an adaption of the human wave and swarming tactics commonly used in conventional warfare to

suit internet warfare.

First of all, we would have to discuss the current situation in the hacking world. Currently in the hacking world, there is a small amount of pros-the elite hackers. This

group of elite hackers creates the tools that are commonly used, they find the exploits, and create the large amounts of hacking guides commonly found on the internet.

The second group is the so called script kiddies. Members of this group generally have little to no skill in programming and relatively limited knowledge in networking

technologies. This group accounts for most of the malicious hackers because of their sheer number.

Current doctrines regarding internet warfare mainly involves using small amounts of elite hackers to damage a countrys infrastructure, take down websites, steal files etc.

In essence, these methods are all an adaption of elite infiltration tactics from conventional war.

However, these methods have reached a practical limitation. Since the amount of hackers able to conduct these complex tasks are extremely limited. The scope of

operations is limited to the number of hackers that could perform these tasks.

This limitation leads to requirements for a new method of conducting internet warfare. Large numbers of hackers are needed in the previous method of internet warfare,

which is difficult to find. Therefore, I have developed a newer strategy for conducting internet warfare.

The basic idea is, during a conflict between 2 countries, political parties, organization, etc. A large number of hackers would have to be mobilized. These hackers would

attempt to deface the other sides websites and spread propaganda through the internet. To affect the other sides moral and confidence. However, the required amount of

hackers could not be mobilized easily, since attacking websites require a certain amount of skill.

Accumulating a large amount of highly skilled hackers is not easy. Therefore, I support creating hacking tools with one specific function that is very easy to use. Tools

commonly found on the market today simply simplify the process that people could do manually. However, I believe that new tools that idiot proof should be created in

order to allow people with little computer knowledge to be able to participate in hacking operations. This would increase the manpower pool available to mobilize in these

internet warfare operations.

These hacking tools would have to be extremely easy to use, with the possibility of human error reduced to a minimum. They would have to be designed so that their use

requires mini mal knowledge of computers. Another feature that must be included is the ability to automatically update or the ability to be updated easily with the latest

exploits.

The tools created should be functionally limited to performing the intended tasks. For example, a tool created by country x to deface websites in country y should not be

able to deface websites in country x. This makes management of a large amount of mobilized internet militias easier.

In order to successfully conduct these attacks, the first step is to mobilize a large amount of concerned citizens. This could be achieved by spreading the news about how

an enemy nation/ other religion/political party etc is evil. Hatred would have to be created, and they would have to understand that they could help out.

The second step is to create easy to use penetration software. The software has to be extremely easy to use, requiring minimal knowledge on computers or networks. Themain function of the software is not to obtain the shell, since many people do not know what to do with the shell. Instead, it should be automated defacing. A user would

only have to choose a defacing page, enter the target website, and the software would automatically test every known exploit and deface the website. The software would also

have to be able to automatically update itself, insuring that it could always penetrate the majority of websites on the internet. The goal of this is not to be able to penetrate

high security servers. Instead, it is to deface a large amount of websites in a short period of time.

The third step would be to distribute the software, how to use the software, and to instruct user on what websites should they attack. Multiple distribution methods should

be used to prevent distribution being disrupted.

The best way to defend against these attacks is to attack and disrupt the core leadership. Since most participants are politically motivated, without leadership spread ideals

and propaganda, the participants in attacks would end up simply giving up.

In many cases, the leadership is difficult to attack. Therefore, the next best method of defending against these attacks is through attacking the core programmers that create

the hacking software used in the attacks. This would seriously disrupt the attackers ability to conduct further attacks.

The channels used to recruit attackers and to spread the tools should be attacked too. Denial of service attacks should be conducted on the forums and websites used to

recruit attackers and the download sites and ftp servers used to host and spread the attacking software.

8/7/2019 The use of protracted peoples war in internet warfare_N_

2/2

| | | i | (27) | (0)

QQ ...

bbyaadzzq _ Y_ yangge335

17

In conclusion, the use of human wave tactics in internet warfare is a great idea, and it would be increasingly used in the future. It would replace the current model of small

amounts of highly skilled hackers conducting small scale operations as the most common way to conduct internet warfare.

2011 Baidu