Resource Consumption Attacks

Resource Consumption Attacks(RCA) allow the cyberinsurgent to reason about the cost that the target will incur from dealing with the attack. The target is faced with a dilemma:

  • Lose control of the situation
  • Ramp up efforts and pay the cost of dealing with the new load

For the counter-insurgent, neither option is attractive. Loss of control is anathema to corporations and states since it is their perception as being in control that forms the basis for their credibility and authority. The insurgent’s goal is to weaken the target in whatever way possible and making them appear ineffective and incompetent is a simple and effective way of distracting them from their main mission and raising their mission costs.

Should the target choose to respond to RCA by increasing the resources available to them, they still lose because they have increased their mission costs and almost certainly will experience a lag while they add resources: do as much damage as you can into the lag-time and then move to another part of the target’s attack surface, and don’t go back until they re-allocate the resources and are ripe for another RCA. As the attacker, you are manipulating the target’s operational model, staffing, and cost profile – when they allow that, you have won this particular battle.

Examples of RCA are:

Not all of those attacks are aimed solely at harming the enemy through consuming their resources, but all of them do consume the enemy’s resources. In the strategic context, RCA are a gift that keeps giving: whenever you perform an operation against the enemy, ask yourself what you can do to make clean-up and response more expensive or difficult. For example: if you are going to take a target’s website offline, can you do it/time it so that their backup/restore capability is degraded and will require manual repair? In every situation where your damage can increase manual interaction in order to recover, your attack’s cost is multiplied. Suppose you are aggrieved by face-scanning security camera in a certain location, and you decide to deny your enemy the use of the camera: don’t just spray-paint over the camera, rip the camera down using a wire noose. It will take twice as long to repair. While you’re at it, don’t just rip down the camera, take a hammer and give the power/network cable that feeds the camera a good whack – if the repair-person is typical, they will not be on the lookout for two points of failure and will replace the camera, expect their job to be done, and be frustrated and furious when they discover they need to re-run the cable.

Every thing your enemy does requires resources from them in order to do it. Every thing you do to increase their cost of action, reduces their ability to act.