Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Q: Why do defenders keep losing to smaller cyberwarriors?

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 12 Aug 2011 02:14:44 -0500 (CDT)
http://www.theregister.co.uk/2011/08/11/cyberwar_fallacies_revealed/

A: 'Ant smarts' not 'asymmetry'

By Dan Goodin in San Francisco
The Register
11th August 2011
Forget everything you've read on The Reg or anywhere else about wars that target computer networks, power grids and other essential electronic infrastructure because it's loaded with fallacies, a prominent security consultant said Wednesday.
Contrary to conventional wisdom, the damage from cyberwar can kill people, and those who wage it aren't as anonymous as most security experts and military advisers claim, Dave Aitel, CEO of Immunity said during a talk at the 20th Usenix Security Symposium in San Francisco. But the biggest myth of all, he submitted, is the idea that cyberwar inevitably favors the opponent, allowing people with modest means to inflict disproportionate mayhem on much larger opponents.
“People assume the current asymetricness, the current offense-seems-to-be winning feature of the internet, is built in and it's not,” he said during his 90-minute talk, which was titled “The Three Cyber-war Fallacies.” “This is a danger for attackers as well, because attackers can get lulled into a false sense of security. You have the advantage because you got lucky and the current field is on your side, but that changes quickly.”
Aitel said that contrary to the oft-repeated claim that cyberwar is “non-kinetic,” its effects include real physical effects that can be every bit as devastating as a bomb blowing up a bridge. He held up the ability of the Stuxnet worm to sabotage centrifuges used in Iran's uranium enrichment program as a prime example.
“People miss the message of Stuxnet, which wasn't: 'I blew up your nukes, I'm cool,'” he said. “The real message was: 'I can take out any factory you have at any time I choose.' That's a much scarier message.” 

[...]


___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
Previous By Date Next
Previous By Thread Next

Current thread: