Four things I'm reading this week:
- Obama on Cybersecurity: Think About Pandemics: In a wide-ranging interview about technology, AI, and the future of innovation, President Obama and Joi Ito — the Director of the MIT Media Lab — discussed cybersecurity. Obama described the problems we face today as eerily similar to those posed by a pandemic, with the same challenges posed by the need to combat the insertion and spread of malicious intruders. The entire interview is worth a read, but the cybersecurity discussion is about halfway down. I’m reading: “Barack Obama, Neural Nets, Self-Driving Cars, and the Future of the World.”
- So Many Kinds of Deterrence, So Little Time: In the wake of the USG’s official attribution of the recent political hacks to Russian actors who “intended to interfere with the election process,” the public debate has turned to what steps the USG should now take to respond. There are many things that could be done — some public, some private. And it’s essential that there be strong action in response as a signal that this type of activity is an unacceptable way for nation states to behave in the 21st century. But what we’re not really talking about is the need to make these intrusions harder to do.
Many people seem to have thrown up their hands, accepted that intrusions will always be easy, and turned to deterrence as our sole avenue to manage cyber threats. Deterrence is an important component of any solution, but it can’t solve the problem alone. In recent years, we have built and tested a range of deterrence options, from naming and shaming to sanctions, indictments, cyber-enabled responses, and asymmetrical options. This was an essential effort, but it’s time we re-emphasized the other side of the equation. This experience should be a wake-up call that pushes us to innovate on cyber defense. We need to improve the way we control and secure our data centers, so that it takes longer and is more costly to get in. If we don’t change that side of the equation, this problem is not going away — no matter how many deterrence options we have on the table. I’m reading: “Thoughts on White House Pledge to Respond to DNC Hack.”
- A Retrospective on the TV5Monde Hack: In April 2015, a group calling itself “the Cyber Caliphate” took France’s TV5Monde off the air with highly targeted malware. Originally believed to be an independent group linked to ISIS, forensics now indicate that this was a highly coordinated, long-planned intrusion orchestrated by an organization (dubbed APT 28) with links to the Russian government. Two things about this are worth noting. First, we can add this to the list of significant intrusions enabled by long dwell times (the intruders were inside at least from January to April). Second, with all the discussion about attribution, this gives a great example of how effective attribution can be, and what you likely will — and won’t — be able to discover through technical forensics. Definitely worth a read. I’m reading: “How France's TV5 was almost destroyed by 'Russian hackers'.”
- The Asymmetry of Security as a Tool for Targeting the Press: A group of hackers breached BuzzFeed last week in an effort to impose costs on the news service for coverage of them that they didn’t like. The damage wasn’t great, but this is another example of the subjects of unfavorable news coverage using “self-help” online to retaliate against reporters. This is a dangerous trend, and one that will likely only continue unless we can do a better job locking down our systems. I’m reading: “Hack Brief: Hackers Breach BuzzFeed in Retaliation for Exposé.”