Secure Coding mailing list archives
Re: Chinese Hacking, Mandiant and Cyber War
From: Ali-Reza Anghaie <ali () packetknife com>
Date: Wed, 20 Feb 2013 13:35:56 -0500
There is an agenda but it's also information that is long overdue - and there is more of it Classified for what many ppl consider no good reason. Also, other reports have indicated faculty and staff at the Unis too. None of which I doubt terribly. For me the bigger issue is that is simply doesn't matter - it's not like this level of nation-state backing is ~required~ for most cyber heists or most security issues. If anything it furthers (on top of other bad perceptions) that competitiveness is increasingly a function of secrecy vs innovation. Oh well - I'm repeating myself. ;-) -Ali On Wed, Feb 20, 2013 at 10:49 AM, Jeffrey Walton <noloader () gmail com> wrote:
On Wed, Feb 20, 2013 at 9:34 AM, Gary McGraw <gem () cigital com> wrote:hi sc-l, No doubt all of you have seen the NY Times article about the Mandiantreport that pervades the news this week. I believe it is important to understand the difference between cyber espionage and cyber war. Because espionage unfolds over months or years in realtime, we can triangulate the origin of an exfiltration attack with some certainty. During the fog of a real cyber war attack, which is more likely to happen in milliseconds, the kind of forensic work that Mandiant did would not be possible. (In fact, we might just well be "Gandalfed" and pin the attack on the wrong enemy as explained here: http://searchsecurity.techtarget.com/news/2240169976/Gary-McGraw-Proactive-defense-prudent-alternative-to-cyberwarfare .)Sadly, policymakers seem to think we have completely solved theattribution problem. We have not. This article published in Computerworld does an adequate job of stating my position: http://news.idg.no/cw/art.cfm?id=94AB4F98-9BBD-1370-154D49FAA7706BE9Those of us who work on security engineering and software security canhelp educate policymakers and others so that we don't end up pursuing the folly of active defense.I'm somewhat surprised a report of that detail was released for public consumption. The suspicion in me tells me its not entirely accurate or someone has an agenda. There's too much information in there that would be cloaked under "national security" given other circumstances. There also appears to be a fair of FUD-fanning going on: "Additionally, there is evidence that Unit 61398 aggressively recruits new talent from the Science and Engineering departments of universities such as Harbin Institute of Technology." The US equivalent would be like saying the NSA actively recruits Mathematicians and Computer Scientists. Jeff _______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Chinese Hacking, Mandiant and Cyber War Gary McGraw (Feb 20)
- Re: [External] Chinese Hacking, Mandiant and Cyber War Goertzel, Karen [USA] (Feb 20)
- Re: [External] Chinese Hacking, Mandiant and Cyber War Ali-Reza Anghaie (Feb 20)
- Re: Chinese Hacking, Mandiant and Cyber War Jeffrey Walton (Feb 20)
- Re: Chinese Hacking, Mandiant and Cyber War Ali-Reza Anghaie (Feb 20)
- Re: Chinese Hacking, Mandiant and Cyber War Glenn Everhart (Feb 21)
- Re: [External] Chinese Hacking, Mandiant and Cyber War Goertzel, Karen [USA] (Feb 20)