To get notices of new blogs via email, click here:

Thursday, March 3, 2011

Is the US ready for a Stuxnet response?

Great question in today's Computerworld headline: "If Stuxnet was act of cyberwar, is U.S. ready for a response?" And the article gives the right answer: No. Heck no! And how unprepared are we? In Networkworld, a sister publication, the headline reads, "Hackers needed to save the world—at least America." The comments to the article are more revealing than the story itself. Basically, one anonymous contributor pretty well builds the case that no really good hacker would EVER consider going to work for the U.S. government. Naturally, I put in my two cents, as the story absolutely builds a case for cyber privateers. My comment:

No gifted hacker will ever apply for the job.
Becoming a federal employee [or even a contractor, a comment I added later] is a nightmare to which no proficient hacker would allow himself to aspire. We really must monetize hacking talent in a way that encourages the best and brightest to legally loot bad guys' (and rogue government) bank accounts. And there really is both (a) a legal basis for congress issuing letters of marque and reprisal, and (b) a workable cyber privateer code of conduct that will protect the innocent.
No really good talent would put up with being a federal employee. Which, uh, explains a lot of our predicament today. Doesn't it?
In my opinion, Stuxnet really didn't START the cyber war. That happened during Operation Desert Storm (when little nasties planted in printer EPROMS took out the Iraqi air defense system). China (for one) got the message loud and clear. According to Richard Clarke in his book Cyber War, they saw how cyber dominance could make up for a lot of expensive military hardware they didn't have (and wouldn't have for a generation).

Do you have a "Plan B?" I do. But alas, I give the same answer I give security system telemarketers who ask what kind of a system I have: "Sorry, my dad told me never to play my cards face up." You can do a search (in the left-had box) by typing in "PLAN B" (without quotes) to see several posts that may entertain you. If you don't have a Plan-B scenario, an off-the-cuff suggestion would be to block out your Saturday nights for knocking off liquor stores. But be sure to hit them early, because that may be a lot of other people's Plan B, too.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?