[Dailydave] COIN is important in Cyber!

Dave Aitel dave at immunityinc.com
Sat Dec 20 08:04:18 EST 2014

So this should be the week of furious NK and Chinese backpedaling. In
general coming out with a cyber capability means that you make it
obvious to the IC who did it, while maintaining plausible deniability to
the public, and of course, not going so far that the IC is force to act.
NK miscalculated that last part. The IC doesn't care about what you post
on Twitter after the fact and is going to use this to tie to the other
cyber issues it feels go over the line (aka the Chinese economic
espionage program).

<picture of COIN in action>

But the continual "I still don't believe it's NK" news reports and
Twitter grumblings can be explained by looking at the extremely confused
IC strategy in terms of a failed Counter-Insurgency operation. In other
words, the IC's credibility is in the toilet. The hearts and minds they
lost in the information security community when the head of the FBI was
idiotically screaming to Congress that Apple's new iPhone encryption is
going to enable pedophiles and terrorists, or blatantly misleading 
Congress about American meta-data collection, or prosecuting people for
incrementing numbers in URLs, all matter. Until they realize they have
to approach every prosecutorial overreach on a teenage "hacker" with the
same care that a base commander in Pashtun territory would shake a
child's hand in Khandahar then the IC will fail to get the support of
the various tribal leaders in Infosec they maybe still don't understand
they need.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141220/d2b518d5/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hearts_and_minds.jpg
Type: image/jpeg
Size: 164533 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141220/d2b518d5/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20141220/d2b518d5/attachment-0001.sig>

More information about the Dailydave mailing list