Re The Kronos indictment: Is it a crime to create and sell malware? - The Washington Post

["Dave Farber" <farber () gmail com>]

Begin forwarded message:

> From: Ross Stapleton-Gray <ross.stapletongray () gmail com>
> Date: August 4, 2017 at 5:14:13 PM EDT
> To: DAVID FARBER <dave () farber net>
> Subject: Re: [IP] The Kronos indictment: Is it a crime to create and sell malware? - The Washington Post
>
> On Fri, Aug 4, 2017 at 1:49 PM, Dave Farber <farber () gmail com> wrote:
> > https://www.washingtonpost.com/news/volokh-conspiracy/wp/2017/08/03/the-kronos-indictment-it-a-crime-to-create-and-sell-malware/?utm_term=.2f9652f201dd
>
>
> To add to this discussion, DARPA just announced a new program, called Harnessing Autonomy for Countering 
> Cyberadversary Systems (HACCS)... a proposers day for the program was already held at the end of July, but the formal 
> presolicitation is just out: https://www.fbo.gov/spg/ODA/DARPA/CMO/HR001117S0051/listing.html
>
> The premise is that botnets are a huge problem (yes), and that addressing them means not just mitigating their impact 
> when it hits the DoD's systems (gotta do that, securing DoD systems against infiltration, but also addressing the 
> impact of DDoS at the DoD perimeter), but also doing something to address compromised systems "out there," beyond DoD 
> space, and even when those systems' owners can't be bothered to do it themselves (wait, uh...).
>
> So the HACCS approach would be to identify and fingerprint botnets, and then insert "non-disruptive autonomous 
> agents" into "botnet-conscripted or otherwise compromised networks," where those agents could then make use of known 
> "n-day" exploits to take out the botted hosts or command and control elements.
>
> So, the performers under HACCS will absolutely be engineering malware; in theory it's for the "white hat" side of the 
> cyberconflict spectrum, but the techniques and technologies developed would be as readily applicable to all other 
> aspects of cyberwar/espionage, and there are lots of legal and ethical issues layered atop all of this.  The 
> presolicitation absolutely stresses issues of having agents be "verifiably safe and reliable," but that's kind of 
> like ensuring that your sniper team is "safe and reliable"... they will hit what they aim at, sure, and probably not 
> take out other parties, until you assign them to take out those various other targets, on the authority of your 
> [justification redacted].
>
> If anyone ends up interested in submitting to the HACCS solicitation, I'd be interested in hearing from you, in part 
> because I wear a "making cybersecurity research data more accessible to researchers" hat, and the program will 
> presumably depend on data, and will produce it, e.g., in creating simulation environments (which will almost 
> certainly involve acquiring *other* malware....).
>
> Ross
>
> Ross Stapleton-Gray, Ph.D.
> Stapleton-Gray & Associates, Inc.
> Albany, CA
>
>
>
>
>   
>
>
>
>
>
>
>
>  



-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20170804185334:BC272816-7967-11E7-8291-E5A31BFD82E8
Powered by Listbox: http://www.listbox.com