Re: Quick Review: Cyberwar as a Confidence Game by Martin C. Libicki

[Ron Gula <rgula () tenable com>]

I'm not sure I agree. Technically, sure, you can hack into things and
take them out. However, comparing hacking to a cruise missile is a
stretch. I can patch my systems today and your cyber-attack tomorrow is
foiled. Or maybe I switch from Mac to Windows. A Tomahawk cruise missile
is just as effective against a Russian radar system or a French one.

Don't get me wrong - hacking, backdoors, denial of service, altering
messages, decrypting sensitive messages .etc all have their place. I
just think the categories are cyber intelligence, terrorism, espionage,
sabotage or crime but not "warfare".

We've been doing intel, terror, spying, sabotage and crime for a long
time and the tools have just changed with the introduction of
hyper-connected computers and targets.

-- Ron Gula, CEO Tenable Network Security http://www.tenable.com

On 3/20/2011 10:52 PM, greg hoglund wrote:
> > I agree with you Dave.  Cyberwar is technical.  Granted, like any war,
> > it must be backed by intel and psyops.  But, like any war, the kills
> > people see in the press are kinetic.  Cruise missiles are technical,
> > and kinetic.  But, everything is backed by intel.  Even missiles.  In
> > cyber, the importance of HUMINT far outweighs that of kinetic damage.
> > The technology is new and different, but the classic principle
> > applies.  This war is not new.
> >
> > -Greg
> >
> >
> > On Sunday, March 20, 2011, Dave Aitel <dave.aitel () gmail com> wrote:
> > > > Paper Review
> > > > Cyberwar as a Confidence Game
> > > > Martin C. Libicki
> > > > http://www.au.af.mil/au/ssq/2011/spring/libicki.pdf
> > > >
> > > > Here's the last line, which sums it up nicely:
> > > > """
> > > > Building up our offensive
> > > > capabilities is a confidence game. It says to those who would
compete in
> > > > our league: are you confident enough in your cyberwar skills that
you can
> > > > build your military to rely on information systems and the
machines that
> > > > take their orders?
> > > > """
> > > >
> > > > One thing missing from this paper is any evidence that this kind of
> > > > logic (aka, Fear Uncertainty and Doubt in military information systems
> > > > as applied to network centric warfare) has any real-world effect.
> > > > Militaries (including our own) simply don't take these things into
> > > > account when deploying new systems.
> > > >
> > > > But the main anomaly in the paper is simple: He treats Stuxnet as an
> > > > aberration, rather than the tip of the iceberg that finally made the
> > > > newspapers. And this leads him (and most other strategic analysts) to
> > > > conclude that hacking does not have real world effects. I have to
> > > > assume this is the WWII legacy of Enigma - where in order to take
> > > > advantage of intelligence you had to go out and order your sub killers
> > > > to go sink a boat. But just because hacking is tied to intelligence
> > > > bodies in most countries, and staffed with people who look and act a
> > > > lot like intelligence officers, does not make it the same thing.
> > > > Hacking is as kinetic as a cruise missile when you do it right.
> > > >
> > > > -dave
> > > > (This is a first in a series of posts where-in we all get to review
> > > > the Strategic Studies Quarterly's Spring Cyber-War papers -
> > > > http://www.au.af.mil/au/ssq/ ).
> > > > _______________________________________________
> > > > Dailydave mailing list
> > > > Dailydave () lists immunityinc com
> > > > https://lists.immunityinc.com/mailman/listinfo/dailydave
> > _______________________________________________
> > Dailydave mailing list
> > Dailydave () lists immunityinc com
> > https://lists.immunityinc.com/mailman/listinfo/dailydave









_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave