Dailydave mailing list archives

A weapon of massive disruption[1]


From: Dave Aitel <dave.aitel () gmail com>
Date: Mon, 30 May 2011 21:19:33 -0400

So for those of you keeping up with the Prezi I'm working on
(http://prezi.com/vunircise2q8/three-cyber-war-fallacies/), you are
probably also keeping up with the PBS hack, the Sony hacks, and the
LMCO+RSA hacks.

There is relatively little (aka almost NO) information available on
the LMCO+RSA hacks. Probably nothing you should believe is being said
in public. Personally, I think it was the other way around (aka, LMCO
caught the hackers, figured out how they got in, and then told RSA).

That said, the Sony and PBS hacks have been reasonably public as these
things go. In particular, it's easy to imagine the PBS team furiously
trying to clean their servers on Memorial Day, instead of going to
picnics. As these things go, the easiest metric for how long Sony and
PBS are going to remain hacked is "How long the team hacking them
wants to play the game". Aside from the PBS IT staff having physical
access, they're at a severe disadvantage here. Time is not on their
side - in Sony's case, because of the scale of the problem. In PBS's
case, because of the complete lack of funding for computer security
that led to them getting hacked in the first place. Can PBS afford an
expensive team of Intrusion Suppression specialists[4]? No they
cannot.

In any case, neither of them is conducting business as usual - and
potentially they never will again. In the presentation (which is still
in mid-level brainstorm phase),
"
For the warfighter, cyber is more powerful than the other weapons of
mass destruction because it is, at the heart, a weapon of mass
disruption.
"

Generally the style when writing a talk of this nature is to say
random things and then try to back them up. If you look carefully at
this year, you'll notice that while in the past "Hacktivism" was a joke
told by clowns, it's rapidly becoming something a lot more real. As a
historical corollary, there was a time, before WWII and eCommerce and
GPG when cryptography was not the constant focus of everyone who
wanted to do anything securely. Then in 1876 Tilden lost a presidency
by having his ciphers cracked (see [2], although Wikipedia disagrees
on this). And, of course, by WWII everyone and their brother had a
constant focus on cryptography, even if they denied it at the time. We
built computers for it! (Well, that and porn, obviously).

This is where we are in our history of cyber attacks - we're at the
stage where these things are essentially expensive toys.[5] There's no
overall theory to it. The best you can see in public are things like
Halvar's INFILTRATE[3] talk, or Michael Hayden's BH keynote. This
won't be true for much longer.

So what is a weapon of mass disruption? I would say one feature of
Cyber is that it DIRECTLY attacks things that can only be indirectly
attacked by other measures. One easy-to-see example is political
parties. Obama's campaign got hacked in 2008. Palin's mailspools
leaked in 2008. No one seemed to care about either other than for the
lulz.

I don't think 2012 will be the same thing. You're going to start
seeing major, game-changing impact from these events on all sides of
the fence, and at all levels of political activity. Time to gear up!

-dave

[1] Not to be confused with Lily Allen, a weapon of massive
consumption. (http://www.songlyrics.com/lily-allen/the-fear-lyrics/)
[2] http://books.google.com/books?id=SEH_rHkgaogC&pg=PA109&lpg=PA109&dq=cipher+dispatches&source=bl#v=snippet&q=%22cipher%20dispatches%22%20Tilden&f=false
[3] http://www.immunitysec.com/infiltrate/presentations/Fundamentals_of_exploitation_revisited.pdf
[4] Intrusion suppression is Chris Day's term. Great one though, amiright?
[5] As proof, ask ANYONE how much a particular exploit is worth. Watch
them squiggle. Cute, right? :>