Dailydave mailing list archives
Re: With great responsibility comes great power.
From: Falcor <falcor () netassassin com>
Date: Mon, 25 Jun 2007 14:49:01 -0500
Yes and no. There is no standing ability if they had to start today; yes you are probably most correct. But the US has a vast history of ramping down, and even completely mothballing, warfare divisions only to reincarnate them later as far more powerful and able units. Then, mothball and forget the lessons learned... a little like shampooing your hair basically. Just wash, rinse, and repeat. We had the same thing with cryptographers and code breakers up until the end of WWII when they decided to keep such Intelligence units operational full time. (But you could also argue that was more due to the Cold War than being proactive.) I believe the US has limited assets currently that are actively training / working in this area. But the talent pool to pull from, in the event they are needed, is massive. Granted, there is good speculation that China (Dave opened the door) has been formally organizing and working its assets for a number of years now. Having offensive and defensive teams established with standard operating procedures and training and even real-life experience in working as an organized unit. I do not believe the US has this, nor has looked all that much into it on a large scale setup. So yea, I too would put us in the top 10 perhaps, but not in higher. With of course the reservation that th US would "climb to #1" if the need arose.
For now, the DHS could use a few good InfoSec engineers let alone cyber warfare specialists. ;)
matthew wollenweber wrote:
I've never seen anything at all to make me think that the US is even a major player in the cyber warfare spectrum. Maybe top 10, but top 5? I'm not inclined to think so.Dave makes a good point regarding the number of participants at foreign infosec conferences, but I'm not sure that's a good metric. There's no doubt BH/Defcon are flooded with Feds but those conferences aren't about cyber warfare. Hacking, exploitation, etc are all parts of cyber warfare but it's a much larger topic and one that I've never seen the government discuss in any detail in open channels.On 6/24/07, *mOses* <trklisted () networksamurai org <mailto:trklisted () networksamurai org>> wrote:The question is weather that is as scary as this: http://www.boston.com/news/nation/articles/2007/06/04/3_plead_guilty_in_tech_export_case/ <http://www.boston.com/news/nation/articles/2007/06/04/3_plead_guilty_in_tech_export_case/> Chi Mak who in 2005 was arrested for espionage. He was allegedly sending documents from his job as a defense contractor over to china. The CD's that where found contained propulsion systems for a new submarine and lot more juicy things you can imagine. I wonder how much far forward the Chinese got because of this person and people like him..... Dave Aitel wrote: > > Right now we're in the midst of some sort of weird publicity push from > the US Military regarding cyberwar, which started before the Estonians > got DDoSed last week. Most of the articles point out how China is > beefing up their forces with frankly inane titles such as "China > Cyberware Alert!": > > http://edition.cnn.com/2007/TECH/internet/06/13/china.cyberspace.reut/index.html > http://www.defensetech.org/archives/003548.html > There's a NYT article today too, but they make it impossible to link > to them. > > In March, Stratfor had an article about it as well: > http://www.stratfor.com/products/premium/read_article.php?id=286304 > They concluded: > """ > Ultimately, much about cyberwarfare efforts will remain classified. > Cartwright's comments are more illustrative of a military that is > accustomed to dominating the battle space preparing for a new > offensive in cyberspace. STRATCOM's staff judge advocate -- the > command's legal representative -- likely has advised Cartwright that > his efforts to bring offensive cyberwarfare measures to bear have > reached the point at which they require congressional oversight and > approval -- the only real motivation for Cartwright to share his > command's efforts with the public. > """ > > If you listen to John Arquilla, of the Naval Postgraduate school, he > also mentions China first as the leading integrator of cyberwarfare > into their overall strategy [1]. Oddly he believes there's only a few > dozen master hackers in the world, a number I think is far too small, > but perhaps we have different definitions or just a different circle > of friends. His estimate is that half of the master hackers are > American, a number I would say is irrelevant. You can't judge the > length of a sword by the sharpness of the point. > > My opinion is that any cyberwar waged against the United States would > be one-sided. As Admiral Yamamoto learned the hard way[2], one of the > US Military's defining characteristics is extensive propaganda efforts > to get the opponent to underestimate them. But as a somewhat useful > metric, you can fit the attendees of all the non-US information > security conferences each month into any one US conference. > > -dave > > [1] http://www.worldpoliticsreview.com/podcast.aspx?id=30 - I started > listening to this sure he would be full of it, but it's really quite > good. > [2] http://en.wikipedia.org/wiki/Isoroku_Yamamoto and > http://en.wikipedia.org/wiki/Isoroku_Yamamoto%27s_sleeping_giant_quote > <http://en.wikipedia.org/wiki/Isoroku_Yamamoto%27s_sleeping_giant_quote> > ------------------------------------------------------------------------ > > _______________________________________________ > Dailydave mailing list > Dailydave () lists immunitysec com <mailto:Dailydave () lists immunitysec com> > http://lists.immunitysec.com/mailman/listinfo/dailydave > _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com <mailto:Dailydave () lists immunitysec com> http://lists.immunitysec.com/mailman/listinfo/dailydave -- Matthew Wollenwebermwollenweber () gmail com <mailto:mwollenweber () gmail com> | mjw () cyberwart com <mailto:mjw () cyberwart com>www.cyberwart.com <http://www.cyberwart.com> ------------------------------------------------------------------------ _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- With great responsibility comes great power. Dave Aitel (Jun 24)
- Re: With great responsibility comes great power. mOses (Jun 24)
- Re: With great responsibility comes great power. matthew wollenweber (Jun 24)
- Re: With great responsibility comes great power. Halvar Flake (Jun 25)
- Re: With great responsibility comes great power. Security Guy (Jun 25)
- Re: With great responsibility comes great power. Falcor (Jun 25)
- Re: With great responsibility comes great power. John Smith (Jun 25)
- Message not available
- Fwd: With great responsibility comes great power. matthew wollenweber (Jun 26)
- Re: With great responsibility comes great power. matthew wollenweber (Jun 24)
- Re: With great responsibility comes great power. mOses (Jun 24)
- <Possible follow-ups>
- Re: With great responsibility comes great power. Halvar Flake (Jun 28)
- Re: With great responsibility comes great power. Florian Weimer (Jun 28)
- Re: With great responsibility comes great power. Halvar Flake (Jun 28)
- Re: With great responsibility comes great power. Florian Weimer (Jun 28)
- Re: With great responsibility comes great power. Ari Takanen (Jun 30)
- Re: With great responsibility comes great power. Gadi Evron (Jun 30)
- Re: With great responsibility comes great power. Lance M. Havok (LMH) (Jun 30)