[Dailydave] In Defense of Offense
Adam Shostack
adam at shostack.org
Tue Sep 29 16:55:57 EDT 2015
On Mon, Sep 28, 2015 at 03:03:57PM +0000, Dave Aitel wrote:
| But one lesson from the week remains: The best defense in cyber is clearly an
| obviously unbeatable offense. Obama's successful Iranian and Chinese treaties
| both derive directly from decisive offensive cyber efforts.
|
Dave, I found this a very surprising statement from you. Can you
elaborate on what a decisive offensive looks like in cyberspace?
In the physical world, that would entail a collapse of physical or
moral capability to continue fighting. (I'm following Boyd here, if
you disagree, feel free to ignore the morale end of the equation.)
For example, a decisive offensive might entail the destruction of the
last spitfires, or breaking the supply lines on which Napoleon
relied.
I could see an Aramco-style attack, disabling the computers of a
division being a massive technical setback, but recoverable. I could
see pwning the cvs server on which NSA stores Flame being a large
setback, and requiring rebuild of implant technology, but
recoverable. I have trouble seeing a decisive offensive, and more
trouble seeing one which has no visible "collateral damage" like the
lights being out in Maryland for a month.
Adam
--
Don't miss out on my news, which comes out roughly once a quarter.
http://adam.shostack.org/newthing.html
More information about the Dailydave
mailing list