It would take only two years and around $100 million to develop an unstoppable cyber army, according to a former NSA official. Charlie Miller, who currently serves as a researcher with Independent Security Evaluators, demonstrated a plan to develop a cyber army at the DefCon meeting in Las Vegas.
Miller said he was asked by the Cooperative Cyber Defence Centre of Excellence in Estonia to participate in a wargame where he was asked to pretend to be North Korea and prepare to orchestrate a cyber attack against the United States.
“I pretended North Korea asked me to scope out the job of orchestrating a cyber attack on the United States,” Miller told AFP. “I lay it out as I would do it realistically.”
Back in June, Miller discussed the scenario with NATO officials.
“I already knew it was easy, but now I know in detail how easy it would be,” he said. “We are certainly very vulnerable.”
Under Miller’s plan, the cyber army would consist of around 1,000 soldiers of varying skill and experience levels. The plan would also require surreptitious breaching of networks prior to launching the attack.
“Once you give me two years to get set up you are basically screwed,” Miller said. “But, during the two years you have the opportunity to see what is going on and stop it before it gets going.”
North Korea was used in the exercise because the country is behind technologically, meaning if a cyber attack were to severely damage the Internet infrastructure, the country would be less effected than other nations.
“It could be anyone attacking anyone, but North Korea has an advantage,” Miller said. “Some countries could already be in position. We can chose to limit our dependency on the Internet, which isn’t realistic, or do our best to detect it and use politics to prevent it.”
However, despite the ease in developing the plan and putting it in place, Miller said some of the needed cyber professionals might refuse to cooperate.
“They might be scared you are going to kill them,” Miller said. “It’s a realistic thing to think about.”