[liberationtech] Chinese Hacking, Mandiant & Cyber War

Yosem Companys companys at stanford.edu
Thu Feb 21 08:27:39 PST 2013


From: Gary McGraw <gem at cigital.com>

No doubt all of you have seen the NY Times article about the Mandiant
report that pervades the news this week:
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html

I believe it is important to understand the difference between cyber
espionage and cyber war.  Because espionage unfolds over months or years in
real time, we can triangulate the origin of an exfiltration attack with some
certainty.  During the fog of a real cyber war attack, which is more likely
to happen in milliseconds, the kind of forensic work that Mandiant did
would not be possible.  (In fact, we might just well be "Gandalfed" and pin
the attack on the wrong enemy as explained here:
http://searchsecurity.techtarget.com/news/2240169976/Gary-McGraw-Proactive-defense-prudent-alternative-to-cyberwarfare
.)

Sadly, policymakers seem to think we have completely solved the attribution
problem.  We have not.  This article published in Computerworld does an
adequate job of stating my position:
http://news.idg.no/cw/art.cfm?id=94AB4F98-9BBD-1370-154D49FAA7706BE9

Those of us who work on security engineering and software security can help
educate policymakers and others so that we don't end up pursuing the folly
of active defense.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com


----- End forwarded message -----
-- 
Eugen* Leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
