In Brief
Cyberwar: Is Offense the New Defense?
Many experts - including some in the military - argue that cyber weapons could make our networks safer. But will they? Robert Lemos reports from the Conference on Cyber Warfare in Estonia.
"Lets say we are the victim of a cyber attack that kills our electric grid," he said. "Everyone who does forensics on the system will say they can't tell who did it. But say that you had a spy in the president of Elbonia's office, and he tells you that they attacked us. You now have evidence of a crime."
"Most people, when they say that attribution is impossible -- they are talking about technical attribution," Lin said.
Unless the attribution problem can be solved, defenders will have to settle for attacking back at the compromised systems used by opponents. Yet, even that worries policy makers.
Only in the best case would defenders actually strike back at a system owned by the aggressor. Almost every time, defenders will find themselves attacking the compromised computer of an innocent person. Even if the "attack" is actually a software patch or a program to remove the malicious code, something could go wrong. With actual cases of bot software infecting the computers that handle critical data or control medical systems or critical infrastructure, the fear is that patching the system could cause the machine to crash.
It's those legal and liability concerns that have prevented researchers, such as Leder and Werner from the University of Bonn, from trying to take pre-emptive action against botnets. However, the researchers argue that the concern is misplaced.
"In reality, we have seen malware on medical devices that has stopped those devices from working," Leder said. "So there is actually a real threat that malware might kill people in the future. It hasn't happened now, but it might be in the future. So, doing proactive countermeasures could prevent some of those situations."
With Conficker sitting on a large number of computers, the time to act is now, the researchers argued.
"Do nothing until we get attacked? Obviously that is not an option," said Werner.
cyberwar
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.
- Upgrading to VMware vSphere with vWire
- Removing Barriers To Better Server Virtualization Efficiency
- Practical Approaches for Securing Web Applications across the Software Delivery Lifecycle
- Staying A Step Ahead of the Hackers: The Importance of Identifying Critical Web Application Vulnerabilities
- Managing A Growing Threat: An Executive's Guide to Web Application Security
- The Forrester Wave™: Web Filtering, Q2 2009
Get instant notifications when whitepapers, webcasts and case studies are added
to our library. Sign up for a Resource Alert now!
CSO Corporate Partners
CSO Perspectives
-
April 5-7, 2010Hyatt Regency Santa ClaraClick here for more information!
Santa Clara, California
(ISC)2 members can earn up to 24 CPE Credits!
