It's "confused" intentionally - the money and control grab that can be accomplished through "war" FAR exceeds anything that comes under the context of espionage.
It's all about increasing the perception that a State-level response is the only effective solution. RE: Policy makers - the biggest problem I've had with convincing anybody in those circles is they think attribution is equal when it comes to them. A Maltego graph finding a bit of information on them and tying it to a Facebook profile is absolutely convincing. No matter what else you say - after such a demonstration by an "expert" - they resolutely believe that all other attributions are just that exacting. The route I've been taking lately is trying to explain to people how ~little~ a State-funded attacker matters to them. Geopolitical attribution doesn't even matter until you get thousands of other sheep herded. Until then all the China-China-China is a distraction from much more baseline and broad issues in InfoSec. -Ali On Wed, Feb 20, 2013 at 10:47 AM, Goertzel, Karen [USA] < goertzel_ka...@bah.com> wrote: > I agree - and grow increasingly frustrated with those who insist on > confusing "cyber war" with "cyber espionage" (and vice versa). But I've > found it's quite easy to get them to understand the difference by simply > asking them to drop the prefix "cyber" from each. Cyber war is simply war > fought on an electronic battlefield with digital weapons. The general > objectives are the same as physical warfare: disable/destroy the > adversary's capabilities. > > In cyber espionage, by contrast, the objective is to obtain information > that is held secret by the adversary. This said, espionage is never an end > in itself - information must be used for something to have any value. Thus > the (possible) source of confusion (other than that pesky "cyber" tag): one > may undertake cyber espionage in aid of cyber war - just as one sends out > spies to learn secrets to give one's side a strategic advantage in warfare > (or soldiers to do reconnaissance before battle - which is a form of > tactical espionage). > > The problem is that the origin of the cyber attacks involved may be the > same, and the timing of the cyber attacks may be (near) simultaneous, so > that in the heat of the moment, one might be forgiven for misconstruing as > "cyber war" what is in fact "cyber espionage in aid of cyber war". But as > the objectives of the two are quite different, the attack patterns are also > very likely to be different. So there is no excuse for anyone with more > than the most superficial level of understanding of "things cyber" to > confuse one with the other. > > === > Karen Mercedes Goertzel, CISSP > Lead Associate > Booz Allen Hamilton > 703.698.7454 > goertzel_ka...@bah.com > > "If you're not failing every now and again, > it's a sign you're not doing anything very innovative." > - Woody Allen > > ________________________________________ > From: sc-l-boun...@securecoding.org [sc-l-boun...@securecoding.org] on > behalf of Gary McGraw [g...@cigital.com] > Sent: 20 February 2013 09:34 > To: Secure Code Mailing List > Cc: Bruce Schneier; Ross Anderson > Subject: [External] [SC-L] Chinese Hacking, Mandiant and Cyber War > > hi sc-l, > > No doubt all of you have seen the NY Times article about the Mandiant > report that pervades the news this week. I believe it is important to > understand the difference between cyber espionage and cyber war. Because > espionage unfolds over months or years in realtime, we can triangulate the > origin of an exfiltration attack with some certainty. During the fog of a > real cyber war attack, which is more likely to happen in milliseconds, the > kind of forensic work that Mandiant did would not be possible. (In fact, > we might just well be "Gandalfed" and pin the attack on the wrong enemy as > explained here: > http://searchsecurity.techtarget.com/news/2240169976/Gary-McGraw-Proactive-defense-prudent-alternative-to-cyberwarfare > .) > > Sadly, policymakers seem to think we have completely solved the > attribution problem. We have not. This article published in Computerworld > does an adequate job of stating my position: > http://news.idg.no/cw/art.cfm?id=94AB4F98-9BBD-1370-154D49FAA7706BE9 > > Those of us who work on security engineering and software security can > help educate policymakers and others so that we don't end up pursuing the > folly of active defense. > > gem > > company www.cigital.com > podcast www.cigital.com/silverbullet > blog www.cigital.com/justiceleague > book www.swsec.com > > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - > http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ > > _______________________________________________ > Secure Coding mailing list (SC-L) SC-L@securecoding.org > List information, subscriptions, etc - > http://krvw.com/mailman/listinfo/sc-l > List charter available at - http://www.securecoding.org/list/charter.php > SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) > as a free, non-commercial service to the software security community. > Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates > _______________________________________________ >
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
