Wednesday, August 3, 2011

Cyberwar "Pearl Harbor?"

My second article back on October 15, 2010 dealt with the reality of not-so-trivial attacks by Russia and China. Heck, on November 11, 2010 I publicized the IP addresses of the Chinese attack servers hitting my own Linux "honey pot." Unlike the professional "observers" of history who write articles like today's Time/Techland story asking if we fumbled "the world's largest cyber attack," my goal all along has been to propose a workable solution to ever-smarter crooks and ever more thorough rogue governments. The situation today? McAfee's vice president of threat research Dmitri Alperovitch net-nets it in the last paragraph of the Time story:

"I am convinced that every company in every conceivable industry with significant size and valuable intellectual property and trade secrets has been compromised (or will be shortly), with the great majority of the victims rarely discovering the intrusion or its impact," said Alperovitch. "In fact, I divide the entire set of Fortune Global 2000 firms into two categories: those that know they've been compromised and those that don't yet know."

One thing is clear, though. McAfee must have a get-out-of-jail-free card. Quoting the same article:

Alperovitch says McAfee "gained access to one specific Command & Control server used by the intruders," and began gathering log-based evidence in mid-2006 (though noting the attacks could have begun earlier).

So my question to McAfee is rather obvious. You guys have watched "one specific operation" steal "petabytes of data" in 2009; why in blazes didn't you work with NSA or DoD to launch your own virus countermeasures and shut the operation down? Either we were too politically stupid to act, or too technologically stupid to be able to act. Or both.

ZDNet's headline today: "Has the United States already suffered its cyberwar Pearl Harbor?"

My own headline is closer to reality, since the U.S. is not smoking in a pit of blown computers and SCADA utility meltdowns: "Since 2009, McAfee has watched a foreign government steal petabytes of data (logs going back to 2006) and did nothing about it?" 

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?