Black Hat: Success Stories and the Role of Government
Tue, Jul 31, 2012 by Andrew Conway
“Spam is one of our greatest success stories.” That’s a quote from security guru Bruce Schneier, surveying the current state of cyber security in a panel at the Black Hat computer security convention. Thanks, Bruce, we spam fighters appreciate the kind words.
The Black Hat briefings started with a keynote address from Shawn Henry, a former FBI Executive Assistant Director of the FBI, now working for a private security company. Security experts will always tell you of the huge threat posed by whatever they are selling the solution to. For Cloudmark the pitch is easy, you just have to look in your spam folder to see our great success story. (Yes, I like saying that.) Mr Henry on the other hand could only tell us that cyber espionage is having a huge impact, but most of what he knew was classified. I guess we’ll have to wait a generation or so till that stuff is declassified to get the straight dope.
His best proposal for what you can do when you discover that a foreign government or company has penetrated your network and are listening in to your meetings and downloading your long range plans was that you feed them false and misleading information. Based on the accuracy of most corporate long range plans I’ve seen, we are already doing that.
The members of the discussion panel of Black Hat veterans that followed his presentation felt that government should take a bigger role in protecting American interests against foreign industrial espionage. Personally I think that automatic trade sanctions against any government or company found hacking American corporate systems would not go amiss, but Congress seems to have different priorities for computer security.
Later in the week, Def Con hosted a panel of representatives from various US intelligence agencies: NRO, CIA, NSA, DIA, US Military… One of them was brave enough to point out that the large number of different agencies, represented on the panel, was an indication that the US did not have a sufficiently well-coordinated strategy of cyber warfare. However, the panel moderator, who simply identified himself as “Priest”, made it clear that the US does have an aggressive policy of cyber offense, but we would only hear about it if things went wrong.
Let’s hope that in thirty years or so when all this is declassified and the histories of US cyber intelligence in the early twenty first century are written, it turns out to have been as big a success story as, say, spam filtering.