Cyber Attack
Deterring a Cyber Attack? Dream On...
Michael Tanji spent nearly 20 years in the U.S. intelligence community. He regularly blogs at Haft of the Spear.
Can an attack of 1s and 0s be deterred, like a strike with tanks or missiles or bombs? That's what Paul Kurtz - cyber security veteran of both the Clinton and Bush administrations - seems to think. Me, I'm not so sure.
Speaking at the Black Hat DC security conference yesterday, Kurtz reiterated key points that old hands in the computer security field will find familiar, namely: for all of the organizations we've stood up and policies we have put in place, we're still not all that prepared to deal with a sufficiently widespread or destructive cyber attack:
The United States is unprepared to respond to a cyber-Katrina or cyberwarfare attack and must consider three hot-button issues as the new administration formulates its cybersecurity strategy: the role of the intelligence community, cyberweapons deployment, and who should be in charge of the nation's response to a cyberattack…
Kurtz's approach to the problem would involve an increased level of involvement of intelligence agencies, a corresponding increase in intelligence agency oversight (to avoid abuse), fusion between commercial and governmental data on suspicious activity and attacks, and a national-level center to coordinate activities.
Kurtz says cyberweapons require a deterrence policy, and to successfully deter an attack, you first need a capability to trace the origin of the attack. "I would argue that we need an active capability to trace back attacks," which requires the collaboration among industry, law enforcement, and the intelligence community, he said. Then cyberweapons can be developed and potentially used to "suppress the use of kinetic weaponry."
GREAT ARTICLE:
XXXXXXXXXXXXXXX
We have been warning about a threat to the entire WWW.
October 22 2002 Nine of the internet's 13 "root DNS" servers are disabled in a massive attack by a bot herder advertising his services, and done by mistake.
A pearl harbor cyber attack.
How the web could be shut down and highlighted proof of
concepts.
The paradigm they are discussing, Kurtz's approach is
too narrow and under focused.
Labels: Cyber Attack
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
<< Home