SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Thursday, September 2, 2010

The Inside Scoop on DoD Thinking

Posted on 6:12 PM by Unknown
I wanted to help put some of you in the mindset of a DoD person when reading recent news, namely Defense official discloses cyberattack and Pentagon considers preemptive strikes as part of cyber-defense strategy, both by Washington Post reporter Ellen Nakashima. I'll assume you read both articles and the references.

Deputy Defense Secretary Lynn's article (covered by the first Post story) is significant, perhaps for reasons that aren't obvious. First, when I wore the uniform, the fact that a classified system suffered a compromise was itself classified. To this day I cannot say if a classified system I used ever suffered a compromise of any kind. Readers might be kind enough to say if this policy is still in effect today. So, to publicly admit such a widespread event -- one that affected classified systems -- that is a big deal.

Second, Lynn said "this previously classified incident was the most significant breach of U.S. military computers ever." That is significant. It sets a bar against which other incidents can be measured. Why was it so bad?

Adversaries have acquired thousands of files from U.S. networks and from the networks of U.S. allies and industry partners, including weapons blueprints, operational plans, and surveillance data.

That's serious, and specific.

Third, after citing Google's January admission, Lynn says:

Although the threat to intellectual property is less dramatic than the threat to critical national infrastructure, it may be the most significant cyberthreat that the United States will face over the long term.

Every year, an amount of intellectual property many times larger than all the intellectual property contained in the Library of Congress is stolen from networks maintained by U.S. businesses, universities, and government agencies.

As military strength ultimately depends on economic vitality, sustained intellectual property losses could erode both the United States' military effectiveness and its competitiveness in the global economy.

I interpret this as saying cyberwar is hurting the US specifically because non-military targets are being hit, repeatedly and persistently.

Finally, I'd like to provide a counterpoint regarding the second Post article. Other pundits are calling DoD's potential offensive strategy "beyond stupid." I'd like to know what's stupid: more of the same failed vulnerability-centric policies and approaches of the last, what, 10, 15, 20 years, or taking a threat-centric approach to apply pressure on the adversary? I also wrote about this in 2007, like some other pundits. In the three years since, playing defense hasn't helped much. Expect more on offensive options in the coming years, in all sectors -- not just the military.

Tweet
Email ThisBlogThis!Share to XShare to Facebook
Posted in cybercommand | No comments
Newer Post Older Post Home

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts

  • DojoCon Videos Online
    Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud secur...
  • Bejtlich Speaking at TechTarget Emerging Threats Events in Seattle and New York
    I will be speaking at two events organized by TechTarget , for whom I used to write my Snort Report and Traffic Talk articles. The one-da...
  • SANS WhatWorks Summit in Forensics and Incident Response
    I wanted to remind everyone about the SANS WhatWorks Summit in Forensics and Incident Response in DC, 8-9 July 2010. The Agenda looks gre...
  • A Book for the Korean Cyber Armies
    I've got a book for the Korean cyber armies, North and South. That's right, it's my first book , The Tao of Network Security Mo...
  • Sguil 0.7.0 on Ubuntu 9.10
    Today I installed a Sguil client on a fresh installation of Ubuntu 9.10. It was really easy with the exception of one issue I had to troubl...
  • Microsoft Updates MS09-048 to Show XP Vulnerable to 2 of 3 CVEs
    Microsoft published a Major Revision of MS09-048 to show that Windows XP Service Pack 2 and Windows XP Service Pack 3* are now Affected So...
  • Understanding Responsible Disclosure of Threat Intelligence
    Imagine you're hiking in the woods one day. While stopping for a break you happen to find a mysterious package off to the side of the t...
  • Embedded Hardware and Software Pen Tester Positions in GE Smart Grid
    I was asked to help locate two candidates for positions in the GE Smart Grid initiative. We're looking for an Embedded Hardware Penetr...
  • BeyondTrust Report on Removing Administrator: Correct?
    Last week BeyondTrust published a report titled BeyondTrust 2009 Microsoft Vulnerability Analysis . The report offers several interesting ...
  • Human Language as the New Programming Language
    If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think ...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ►  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ►  January (9)
  • ▼  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ▼  September (16)
      • Why Neither the US Nor China Admits Cyberwar
      • On the Other Side of an Advanced Persistent Threat
      • Why Russia and China Think We're Fighting Cyberwar...
      • Kundra IPv6 Memo
      • Five Reasons "dot-secure" Will Fail
      • Thoughts on "Cyber Weapons"
      • Bejtlich Speaking at TechTarget Emerging Threats E...
      • NYCBSDCon 2010 Registration Open
      • Someone Is Not Paying Attention
      • NetWitness Minidecoder in Action
      • DualComm Port Mirroring Switch
      • A Book for the Korean Cyber Armies
      • India v China
      • One Page to Share with Your Management
      • The Inside Scoop on DoD Thinking
      • Review of Hacking Exposed: Wireless, 2nd Ed Posted
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile