Danny Lieberman suggests that a demand-side strategy with peer-review may work best for cyber-security.
A conventional military paradigm does not work for cyber-security
Government cyber-security policy, molded by the military, traditionally frames cyber-security in the context of a defensive strategy based on intelligence gathering, threat analysis, modeling and monitoring, with deployment of defensive network security technologies such as firewalls, DDoS protection, intrusion prevention and honeypots.
The problem with a defensive cyber-security strategy is that it does not address the root cause of threats.
Combating cyber-terror with offensive strategies by using anti-terror techniques to dismantle terrorist infrastructures and social fabrics is a highly effective alternative to a defensive strategy.
Attacking social networks of hackers
Although there are offensive alternatives such as mounting systematic DDoS attacks on the attackers or developing targeted spyware such as Stuxnet, even more intriguing is the notion of using a demand-side strategy to reduce the social value of being a hacker. We can learn from the counter-terror success of the Italians in the late 60s in dismantling the Brigatisti. The Italian government infiltrated the Red Brigades, bred mistrust and quickly rolled up the organization.
Attacking the social networks of people who develop and distribute malware would involve infiltrating the hacker underground, arresting hackers for criminal activity and cutting deals in return for actionable intelligence.
Since cyber attacks on Israel are a form of terrorism, I believe that this strategy could be effective, since it goes directly to the source and potentially denies a key hacker benefit: the social gratification.
While this is an interesting idea, the key barrier to this strategy is deploying it where hackers operate and obtaining the cooperation of local law enforcement.
It’s clear that cooperation with other countries and a variety of partners inside and outside the Israeli government is a critical success factor for an offensive cyber-security strategy.
Getting more eyeballs on the problem
A cyber-security strategy that is not reviewed by outside people cannot correctly evaluate the economic effectiveness of cyber-security measures, since political considerations will always override common sense.
The effort to defend Israel in cyberspace will only succeed if it is coordinated across the government, with allies, and with partners in the commercial sector, combining high-quality intelligence with deep understanding of evolving threats and peer review of the security measures.