[Dailydave] In Defense of Offense
Dave Aitel
dave.aitel at gmail.com
Mon Sep 28 11:03:57 EDT 2015
Strategic analysis is hard, but the oncoming Chinese decision to abandon
its economic espionage program was easy to predict
<http://www.businessinsider.com/us-no-hacking-deal-with-china-2015-9>. In
particular, a large part of the decision hinged on a old Usenix talk
<https://www.usenix.org/conference/usenix-security-11/three-cyber-war-fallacies>
about how Attribution is not impossible, despite ongoing claims to the
contrary.
The Snowden Affair was a bit of a wrinkle in the path. Things were already
headed toward this moment of compromise before that, but then he landed in
Hong Kong and the Chinese reconsidered when they saw that maybe the US
programs and intelligence efforts were compromised enough that they would
not be able to push sanctions through after Snowden cleared out the
offensive bench.
But the US offensive bench is a mile wide and a mile deep. Even if everyone
at the NSA quit tomorrow and the Chinese removed every compromised host and
person from their networks, the US Government would still be able to
provide attribution for Chinese cyber espionage attacks. Continued Chinese
denial was just a straight-forward path to embarrassingly specific
sanctions.
This is good news for Chinese hackers. While the money from economic
espionage is hard to beat, there's no denying that the kinds of operations
they have become capable of - hacking RSA to grab the keys to hack Lockheed
Martin and Raytheon, hacking the F-35, grabbing the OPM data, are more
worthy of their stature.
But one lesson from the week remains: The best defense in cyber is clearly
an obviously unbeatable offense. Obama's successful Iranian and Chinese
treaties both derive directly from decisive offensive cyber efforts.
-dave
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20150928/c77d36f5/attachment.html>
More information about the Dailydave
mailing list