The Best Cybersecurity Strategy May be Counter-Terror

Monday, September 03, 2012

Danny Lieberman

959779642e6e758563e80b5d83150a9f

A conventional military paradigm does not work for cyber-security

Government cyber  security policy, molded by the military; traditionally frames cyber-security in the context of a defensive strategy based on intelligence gathering, threat analysis,  modeling and  monitoring  with  deployment of defensive network security technologies such as  firewalls, DDOS protection, intrusion prevention and honey-pots.

The problem with a defensive cyber-security strategy is that it does not address the root cause of threats.

 "Combating cyber-terror  with offensive strategies by using anti-terror techniques to dismantle terrorist infrastructures and social fabrics is a highly effective alternative to a defensive strategy."

Attacking social networks of hackers

Although there are offensive alternatives such as mounting systematic DDos attacks on the attackers or developing targeted spyware such as Stuxnet, even more intriguing is the notion of using a demand-side strategy to reduce the social value of being a hacker.

We can learn from the counter terror success of the Italians in the late 60s with dismantling the Brigatisti. The Italian government infiltrated the Red Brigades – bred mistrust and quickly rolled up the organization.

Attacking the social networks of people who develop and distribute malware would involve infiltrating the hacker underground, arresting hackers for criminal activity and cutting deals in return for actionable intelligence.

Since cyber attacks on Israel is a form of terrorism – I believe that this strategy could be effective since it goes directly to the source and potentially denies a key hacker benefit – the social gratification.

While an interesting idea – the key barrier to this strategy is deploying it where hackers operate and obtaining the cooperation of local law enforcement.

It’s clear that cooperation with other countries and a variety of partners inside and outside the Israeli government is a critical success factor for an offensive cyber-security strategy.

Getting more eyeballs on the problem

A cyber-security strategy that is not reviewed by outside people cannot correctly evaluate the economic effectiveness of cyber-security measures since political considerations will always override common sense.

Representatives from the newly formed Israeli Cyber Command need to work closely with private industry and share information about threats and vulnerabilities – since in most cases – privately held technology security developers and analysts have better and more up-to-date knowledge than government agencies who may have better intelligence.

"The effort to defend Israel in cyberspace will only succeed if it is coordinated across the government, with allies, and with partners in the commercial sector combining high-quality intelligence with deep understanding of evolving threats and peer review of the security measures."

Cross-posted from Israeli Software

Possibly Related Articles:
12142
Network->General
Federal Military Information Security
Cyber Defense counter-terrorism
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.