Note: This is a selection from Network Politics, a tdaxp series.


“How a Bookmaker and a Whiz Kid Took On an Extortionist — and Won,” by Scott Berinato, CSO Magazine, May 2005, http://www.csoonline.com/read/050105/extortion.html (from slashdot).

I’ve been diagramming a lot of different network attacks lately, so it’s neat to read a story about a real-life net attack and counterattack.

It started off with four classes of nodes: an Enemy (blue), conscripted attackers (dark grey), a victim node (light grey), and a Protagonist (red). Visually:

medium_net_attack0.jpg

The Enemy wanted to extort several dozen thousand dollars from the Protagonist. To do this, he put malicious computer code on many innocent computers, making them “zombies.” At will he could have his zombies attack the victim node — the Protagonist’s web server. This was a DDoS (distributed denial-of-service) attack that prevented the Protagonist’s computer from serving the outside world — disconnecting the Protagonist from his potential customers. The Enemy communicates his demands directly to the Protagonist.


Then, the Protagonist escalated. The Protagonist hired a Mercenary (pink). The Mercenary’s first task was to build a network of defenders (middle grey), which stands between the Enemy’s attackers and the Protagonist’s server. While this does not end the attack, it prevents serious harm, as the Enemy’s distributed attacks are now met by distributed defense. The Protagonist and the Mercenary have friendly direct communication, while the Enemy is still directly threatening the Protagonist. Visually:

medium_net_attack1.jpg

The Mercenary then begins the counter-attack. He establishes direct friendly communication with the Enemy, lying about his identity. He determines the physical location of the Enemy — Russia. The Mercenary now co-opts his own network of attackers — the Russian police (yellow).

In the coup de grace, the Protagonist attacks the Enemy through the Russian police. Visually:

medium_net_attack2.jpg

The end state? The attacker zombie nodes are liberated, the Enemy is pacified, the Mercenary has links to both a network of attackers and a network of defenders, and the Protagonist can conduct his business safely.

medium_net_attack3.jpg

Thoughts to ponder:

  • While the story is about a technological attack on a gambling site, the network diagrams could tell many stories. The same diagrams can be used to examine the assassination of an Afghan tribal chief, the take-down of an insurgent network, a Chinese bandit moving into a valley, &c
  • In the story the Mercenary is altruistic. But assuming he is not, is the Protagonist now in more or less danger than during the original attack? How much potential power does the Mercenary have over the Protagonist?
  • In the story, the Enemy’s attacks are horizontal (devastating, but nonviolent and peer-to-peer) while the Mercenary’s counterattack is vertical (violent, resulting in imprisonment by men with guns). Nonetheless, a successful attack by the Enemy would have been devastating. Can horizontal and vertical attacks be equally destructive?
  • Note that the Enemy has lost all power in the final chart, because he is completely disconnected. The power dynamic has completely changed with all the same nodes still in place. Disconnectedness defines danger. Does connectedness define safety? Power?

Update: Welcome Thomas P.M. Barnett readers. I created this post by combining my graduate study in computer science with political science concepts. If you enjoyed this post, see also my History, Political and Military Doctrine and Connectivity sections.


Update 28 October 2005: A new version of this analysis, looking at Speaker Hastert’s blog attack on oil companies, is now available.


Network Politics, a tdaxp series
Introduction: Net-Attacks and Counter-Attacks
Part 1, 0GW / 4GW: Iraqi Sunnis
Part 2, 0GW / 4GW: Christian Conservatives
Part 3, 1GW / 4GW: George Soros
Part 4, 2GW / 4GW: Social Security
Part 5, 4GW / 4GW: John Kerry