Search Mailing List Archives


Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Chinese Hacking, Mandiant & Cyber War

Yosem Companys companys at stanford.edu
Thu Feb 21 08:27:39 PST 2013


From: Gary McGraw <gem at cigital.com>

No doubt all of you have seen the NY Times article about the Mandiant
report that pervades the news this week:
http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-against-us.html

I believe it is important to understand the difference between cyber
espionage and cyber war.  Because espionage unfolds over months or years in
realtime, we can triangulate the origin of an exfiltration attack with some
certainty.  During the fog of a real cyber war attack, which is more likely
to happen in milliseconds,  the kind of forensic work that Mandiant did
would not be possible.  (In fact, we might just well be "Gandalfed" and pin
the attack on the wrong enemy as explained here:
http://searchsecurity.techtarget.com/news/2240169976/Gary-McGraw-Proactive-defense-prudent-alternative-to-cyberwarfare
.)

Sadly, policymakers seem to think we have completely solved the attribution
problem.  We have not.  This article published in Computerworld does an
adequate job of stating my position:
http://news.idg.no/cw/art.cfm?id=94AB4F98-9BBD-1370-154D49FAA7706BE9

Those of us who work on security engineering and software security can help
educate policymakers and others so that we don't end up pursuing the folly
of active defense.

gem

company www.cigital.com
podcast www.cigital.com/silverbullet
blog www.cigital.com/justiceleague
book www.swsec.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130221/d1b46bb9/attachment.html>


More information about the liberationtech mailing list