Archive | Dilemmas

Attribution is Hard, Part 1 | Tenable Network Security

To accurately establish attribution, you need evidence and understanding:

- Evidence linking the presumed attacker to the attack
- An understanding of the attacker’s actions, supporting that evidence
- Evidence collected from other systems that matches the understanding of the attacker’s actions
- An understanding of the sequence of events during the attack, matching the evidence

via Attribution is […]

Claims that cyberspace is now cyberbattlefield

http://resources.infosecinstitute.com/classified-nsa-exploit-tools-radon-dewsweeper-work/ From the article: Security expert Bruce Schneier is one of the most authoritative experts who revealed that the NSA has a wide-ranging arsenal of zero-day exploits to use for cyber operations. The revelation isn’t surprising, the security community is aware of the great effort spent by governments on cyber operations. Many intelligence agencies have […]

Cyber mass shooter

http://p.washingtontimes.com/news/2013/oct/3/cyber-mass-shooter-poses-future-threat-computer-se/ What a great article. Of course General Hayden’s comments beg the question, how do you stop a criminal, if you can’t defend yourself? This really goes directly to the need to be able to respond to an immediate threat with a proportional use of force in self-defense. Of course, some will argue that it […]

Malware Attribution is a Waste of Time

According to Ellyne Phneah’s piece at ZDNet, Rob Rachwald, senior director of research at FireEye, observed that the security industry today is keen on attributing malware to a specific region or group in an effort to assign blame. [H]e pointed out attribution to malware was not key in combating cybercrime because it did little to […]

Spat between two Dutch companies sparks record-breaking 300Gbps DDoS attack – Yahoo! News

Spat between two Dutch companies sparks record-breaking 300Gbps DDoS attack – Yahoo! News. So, Spamhaus blacklists a hosting company, then Spamhaus gets hit by 300 Gbps of DDoS action. Looks like for Cyberbunker, there was immediacy, and there was a proportional response in the Disrupt spectrum, at least if Cyberbunker is doing it. Why proportional? […]

Schneier on Security: More on Chinese Cyberattacks

Schneier on Security: More on Chinese Cyberattacks. Schneier disagrees with active defense. From the post: Because espionage unfolds over months or years in realtime, we can triangulate the origin of an exfiltration attack with some certainty. During the fog of a real cyber war attack, which is more likely to happen in milliseconds, the kind […]

Obama Administration justification for use of drones against American Targets

http://www.wired.com/threatlevel/2013/02/legal-basis-killing-americans/ From the article: The paper’s basic contention is that the government has the authority to carry out the extrajudicial killing of an American citizen if ‘an informed, high-level official’ deems him to present a ‘continuing’ threat to the country. This sweeping authority is said to exist even if the threat presented isn’t imminent in […]

DDoS Attacks As Legitimate Protest?

The hacktivist group Anonymous, or someone claiming to be associated with them named Dylan K., has taken the unusual step of petitioning the Obama Administration to make Distributed Denial of Service (DDoS) attacks legal. via “Anonymous” petitions Obama to decriminalize DDos attacks: Voice of Russia.
