Always A Bad Day For Adversaries

Month: January 2013

What It Takes to Fight the Hackers

Future WarriorsI’ve practiced cyber security for 10 years.  Not as long as some, but longer than most.  I don’t consider myself an expert because I don’t believe the field is mature enough to identify an expert.  But I’ve fought many battles with the adversary.  I’ve felt elated success and stinging failure.  I have my share of war stories.  I struggle regularly with ethics and moral dilemmas.  I try to stay true to the simple promise I made to myself many years ago: always use my powers for good.

I read a very well written article, “What it Takes to Fight the Terrorists,” on the psychological impact of working counter-terrorism for years.  The toll of the long hours.  The moral dilemmas they face daily and the stress imposed by the cost of failure.

I am not going to sit here and preach that the stress of an intrusion analyst and network defense operator is the same – it is not.  At the moment there are real costs to our failure but none as great as that caused by terrorists.  We don’t have to wake up and see the results of thousands of innocents dead and question why we could not stop it.

futurewarstoriesBut I’m afraid that one day we will.  As our systems become even more interconnected and a greater number of life-safety and community-critical systems become connected, it is a high possibility that a hacker, intentional or not, will cause large-scale loss of life.  See my earlier article as an example.  Instead of the smell of the site of a terrorist bombing, maybe we will instead be ingrained with an image of an exploded power plant caused by someone behind a computer half a-world away.

Maybe one day there will be a cyber equivalent to 9/11 and those of us who could have stopped it will plumb the depths of our being to answer why we did not stop it.  On that day, as with 9/11, the world will change.

They call cyber security the new counter-terrorism.  The new nuclear threat for the next 20 years.  I’m afraid that one day this article will be written about us.  But until that time, we must learn from our counter-terrorists colleagues – from their courage, fortitude, successes, and failures.

5 Cyber Security Predictions for 2013

2013 Crystal Ball2012 has been an interesting year with a growth in our understanding of our adversaries and some high-profile international security incidents.  2013 will continue to impress, but differently.  It will ultimately be a year of strategic growth.

 

Here are 5 cyber security predictions for 2013.

 

 

1. There will be little change to the threat landscape

There will be little change to the threat landscape in 2013 as our adversaries are already achieving their intent (extrapolating the size and scale of currently known adversary operations) and therefore have little pressure to change.  However, I do not see this as holding into 2014 as greater innovation in the threat intelligence and mitigation space is made (prediction #4) and the role of government is better defined (#5).

 

2. Cyber attacks will have a greater impact to a greater number

As data and service providers co-locate in cloud environments, attacks on the infrastructure providing these services will rise (attackers will always go to where the data lives) resulting in greater collateral damage to non-intended victims simply based on with whom they are co-located.

 

2.1 Corollary: Risks will be more difficult to assess as control of the location of data and an accurate knowledge of the infrastructure is lost in the cloud.  This will cause businesses to continue to mismanage public and customer relations when incidents occur.

 

3. The cost of cyber threats will grow and there will be an increased awareness and visibility of those costs resulting in greater effective action in the mid-and-long term.

Based on prediction #3 the cost of cyber threats to all organizations will grow.  However, as has been the trend, visibility of security issues and incidents will rise forcing business change to address this challenge in new ways (hence prediction #5).   Innovation will then lead to greater effective action in the mid-and-long term.

 

4. The role of government in securing computer systems from domestic and foreign cyber threats will continue to be muddled.

The role of government in any area is generally slow to evolve.  Cyber security has not been any different.  As governments around the world are consumed by domestic and international economic affairs, little attention will be focused on this problem further delaying necessary action.

 

5. Private industry, vice government or research, will make great innovations in the threat intelligence and mitigation space.

Based on: (1) the amount of venture capital flowing into cyber security industry to produce innovations in threat intelligence and mitigation, (2) the market growth for such innovations (based on predictions #2 & #3), and (3) with the growth in funding means the ability for private industry to recruit and retain the best talent in the field — it is no great stretch of the imagination to see that this is where the innovations necessary to combat the threat and increase risk and cost on the adversary will originate during 2013 changing the threat landscape in 2014 and beyond.

Powered by WordPress & Theme by Anders Norén