> What if it's your business that's the target of tier 1 Western
> Intelligence actors who are interested in collecting intelligence on
> said target so as to bestow competitive advantage to your competitors
> for whatever the reason may be?

I'm going to give two answers here, one human-readable and one which will require a fairly high level of technical knowledge.

=====

You haven't heard me talk about intelligence agencies for a simple reason: the capabilities of private sector groups match or exceed those of nation-states. For instance, Google's been defending their networks against sophisticated Chinese attacks for so long that it wouldn't surprise me one bit if Google had an in-house team capable of playing the game with anyone.

That said: effective defense is built upon knowledge. Knowledge informs your threat model and helps guide your responses. Extremely serious attackers will be single-mindedly obsessed with denying you this knowledge. That's part of what makes defending against them so difficult: if you don't know you're under attack, you're extremely ill-equipped to defend.

I am not especially worried about so-called "advanced persistent threats". When I hear someone say their IDS is going off hundreds of times a day with IP addresses resolving to China, I yawn. That's not an advanced threat. (Persistent, maybe. Not advanced.) An advanced threat is one that doesn't set off the IDS, one you don't see coming, one you don't get the opportunity to stage active measures against.

=====

Now for the technically challenging stuff:

Lockheed Martin wrote a *fantastic* whitepaper on defending against advanced threats. "Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains". Read it.

http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf

> My explicit assumptions for such a
> situation are that they don't want their target to know they are under
> surveillance and as a result they aren't going to be knee-capping the
> target's employees to get their desired information. Business
> premises and data at rest and in transit is fair game as is the use of
> malware, root kits, warrantless wiretaps, etc.
>
> Perhaps the situation is that you're a Canadian jet engine
> manufacturer that has come up with a prototype for super efficient
> mach 2 capable engines for commercial aircraft :-D Of course you want
> to make sure that you and your engineers and other employees with
> access to sensitive data employ whatever measures you can to avoid a
> data compromise. :-D
>
> Obviously I'm trying to lighten the mood a little and still explore
> what the possibility is, if any, of protecting data from the prying
> eyes of tier 1 actors who might not think that what you have is
> important enough to kill or injure you for but that they would try
> very hard to get by employing other efforts. I'm not saying having a
> smart card reader and a pin pad here is going to be the magic amulet
> to protect your interests.
>
> <<Flame retardant suit on, fire away :-D >>
>
> Best Regards,
> Duane
>
>
> _______________________________________________
> Gnupg-users mailing list
> [email protected]
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
