[Infowarrior] - New US security head advocates partnership at Black Hat

Richard Forno rforno at infowarrior.org
Sat Aug 9 15:07:36 UTC 2008


New US security head advocates partnership at Black Hat

By Joel Hruska | Published: August 08, 2008 - 12:44PM CT

http://arstechnica.com/news.ars/post/20080808-new-security-head-keynotes-black-hat-advocates-partnership.html

The head of the newly formed National Cyber Security Center, Rod
Beckstrom, was one of Black Hat's keynote speakers this year, even
though he's not actually a cyber security expert. Beckstrom is the
co-author of a book entitled The Starfish and the Spider: The Unstoppable
Power of Leaderless Organizations, and was presumably tapped to lead
the NCSC based on his book's insights into the function of centralized
organizations vs. decentralized organizations. Organizational
principles might not seem to have very much to do with cyber security,
but the two issues align more readily than may be immediately apparent.

The rise of the Internet over the past decade has fueled the growth of  
a number of decentralized organizations and structures, many of which  
now challenge older, centralized systems. Wikipedia has tussled with  
Encyclopedia Britannica, and the RIAA has fought the dispersal of  
digital content distribution tooth and nail, to name just two examples.

Beckstrom's ideas map quite well to both real-world and online security
concerns. In the 20th century, nation-states were seen as the primary
security threat against which other nation-states defended themselves.
In the post-Cold War era, this has changed; terrorist cells and
paramilitary forces are now the primary threats against which nations
defend themselves. Conventional, centralized military tactics are of
limited effectiveness against such decentralized groups, as has been
demonstrated by America's struggle to gain control of Iraq and
Afghanistan.

Cyber security threats have evolved in a similar manner. When Clifford
Stoll began his investigation into a 75-cent billing error while
working at the Lawrence Berkeley National Laboratory in the mid-1980s,
he uncovered the trail of hacker Markus Hess, a West German citizen
who ultimately proved to be in the employ of the KGB. Twenty years
later, governments may still employ their own black hat teams for
various covert operations, but the vast, vast majority of the Trojans
shoveled out onto the Internet every day are deployed for profit, not
espionage. What was once a nation-to-nation attack vector has now
decentralized and diffused. Chinese gold farmers are far more interested
in the contents of my World of Warcraft account than the Chinese
government is interested in the contents of my hard drive.

Because of the diffuse threat, securing United States interests  
against potential cyber security risks will require cooperation across  
the entire security industry. Beckstrom's role, and the NCSC's  
mandate, is to foster this type of decentralized approach. In his  
speech at Black Hat, Beckstrom praised the work of security companies  
and organizations that have coordinated the industry-wide effort to  
repair the DNS problem, and implied that such efforts are an absolute  
necessity for tackling future security issues. Beckstrom called for  
investment in protocol security, saying it "may be the cheapest  
security dollars we can invest," and referred to the recent DNS  
vulnerability as an example of how an insecure protocol can continue  
to cause problems even after repeated attempts to repair the damage.

The NCSC is just four months old, and Beckstrom's lack of technical  
knowledge could prove to be a problem down the road, but his  
perception of modern security as a struggle between centralized and  
decentralized forces seems spot-on. These conflicts may be inevitable  
as society evolves to make use of modern technology, but there seems  
little question that cyber security would benefit from cooperation  
between the government and the various facets of the white (or even  
gray) hat security industry. 
