dannyl_sax_shablul

The best cybersecurity strategy may be counter-terror

Danny Lieberman  suggests that a demand-side strategy with peer-review may work best  for cyber-security.

A conventional military paradigm does not work for cyber-security

Government cyber  security policy, molded by the military; traditionally frames cyber-security in the context of a defensive strategy based on intelligence gathering, threat analysis,  modeling and  monitoring  with  deployment of defensive network security technologies such as  firewalls, DDOS protection, intrusion prevention and honey-pots.

The problem with a defensive cyber-security strategy is that it does not address the root cause of threats.

 Combating cyber-terror  with offensive strategies by using anti-terror techniques to dismantle terrorist infrastructures and social fabrics is a highly effective alternative to a defensive strategy.

Attacking social networks of hackers

Although there are offensive alternatives such as mounting systematic DDos attacks on the attackers or developing targeted spyware such as Stuxnet, even more intriguing is the notion of using a demand-side strategy to reduce the social value of being a hacker. We can learn from the counter terror success of the Italians in the late 60s with dismantling the Brigatisti. The Italian government infiltrated the Red Brigades – bred mistrust and quickly rolled up the organization.

Attacking the social networks of people who develop and distribute malware would involve infiltrating the hacker underground, arresting hackers for criminal activity and cutting deals in return for actionable intelligence.

Since cyber attacks on Israel is a form of terrorism – I believe that this strategy could be effective since it goes directly to the source and potentially denies a key hacker benefit – the social gratification.

While an interesting idea – the key barrier to this strategy is deploying it where hackers operate and obtaining the cooperation of local law enforcement.

It’s clear that cooperation with other countries and a variety of partners inside and outside the Israeli government is a critical success factor for an offensive cyber-security strategy.

Getting more eyeballs on the problem

A cyber-security strategy that is not reviewed by outside people cannot correctly evaluate the economic effectiveness of cyber-security measures since political considerations will always override common sense.

 Representatives from the newly formed Israeli Cyber Command need to work closely with private industry and share information about threats and vulnerabilities – since in most cases – privately held technology security developers and analysts have better and more up-to-date knowledge than government agencies who may have better intelligence.

The effort to defend Israel in cyberspace will only succeed if it is coordinated across the government, with allies, and with partners in the commercial sector combining high-quality intelligence with deep understanding of evolving threats and peer review of the security measures.

Related Posts Plugin for WordPress, Blogger...
Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply

Your email address will not be published. Required fields are marked *