[Dailydave] Why evaluating consequences is so important
Sergio 'shadown' Alvarez
shadown at gmail.com
Tue Dec 23 12:26:17 EST 2014
I've been reading the Sony thingy also the Operation Cleaver where analysts from US make analysis and look someone to blame, and who knows what will come next.
I have nothing against US, as a matter or fact I have a lot of very good friends, so please don't take it personal.
I'm pretty sure some people will get upset with this, but it is what I think.
My understanding was that there are things, which are off-limits at government level, military level, intelligence community and so on. As the General retired Michael Hayden mentioned during his keynote at Blackhat back in 2010, which I personally believe was a great talk. (https://www.youtube.com/watch?v=pKZDYgj0KTA)
Since Stuxnet, which was the first piece of software that targeted something which was off-limits, US should have taken a step back. But that didn't happen; after that, Flame, Duqu, etc came after, not even mention the Snowden stuff.
Shouldn’t those things be considered as an act of war as well? I mean, we were just lucky nothing blown up, but it could have.
Basically, if somebody violated all those agreements that were there was US, and that certainly had an impact all over the world.
Personally what the intel community does I don't give a damn because that's something every single country does, if someone plays better than others good for whoever it is.
On the other hand, when things turn into violating things which have an impact or could have a drastic impact on the general population, that is a whole different talking, because it is not a military game anymore.
Making a proper analysis of the consequences before taking actions was easier before because the overwhelming power was clear, which prevented the weaker ones from counter attacking.
In the past whoever had the most powerful weapons had a clear win, period.
The issue is that since everything started to get connected directly or indirectly and became digital, the game changed entirely.
Now a day a team with a bunch of skilled hackers and developers can leverage attacks with catastrophic results. Which means that any country/company/group_of_people with a team of a few skilled guys (10?) can do a disaster, from anywhere in the world with a few laptops.
I won't elaborate into what catastrophic results means because the list is pretty long as well as the technologies and software involved, and I believe the most critical ones are clear already. To name a few: chemical, transportation, SCADA, communications, financial, medical and so on.
The ones taking decisions in the US government should have done a better analysis of the consequences and risk associated to what they started.
State and non-state sponsored actors have unfortunately started to take actions that I don't believe will stop any soon. Pretty sad.
More information about the Dailydave