[Infowarrior] - Operation Olympic Games, Project X, and the assault on the IT security industry
Richard Forno
rforno at infowarrior.org
Mon Jun 4 21:05:36 CDT 2012
(c/o ferg)
http://www.forbes.com/sites/richardstiennon/2012/06/04/operation-olympic-game-project-x-and-the-assault-on-the-it-security-industry/
Richard Stiennon, Contributor
6/04/2012 @ 2:48PM
Operation Olympic Games, Project X, and the assault on the IT security industry
Discussion is raging over the implications of Friday’s revelation by David Sanger that the United States was responsible for Stuxnet. Sanger followed up with an Op-Ed on Sunday (Mutually assured cyberdestruction), and Paul Rosenzweig addressed the Title 10/50 legal implications of military versus espionage incursions. It will be months before policy analysts chime in with their thoughts on this new method of force projection in military affairs.
Also last week we learned of DARPA’s Plan X, a $110 million project that will, among other things, seek to map the Internet and create a hardened operating system capable of launching attacks and withstanding retaliation.
As events snowball and there appears to be a unilateral buildup of offensive cyber capabilities by the United States, there are implications for the $40 billion IT security industry.
The 1,500 vendors of security products and thousands of security service providers have had a single-minded focus on defending against bad actors ever since the invention of networked computers. The bad actors have been hackers, cyber criminals, and nation states that engage in cyber espionage. The entire industry is engaged in defending against these attacks and is geared towards researching the next attack methodology and preemptively countering it – regardless of the source of attack.
One of the industry’s brightest and most prominent researchers, Mikko Hypponen of F-Secure, offered a public mea culpa last week for the failure of Anti-Virus vendors to detect and prevent advanced malware such as the recently discovered Flame. He also mentions Stuxnet, which we now learn was a US attack on Iran’s uranium enrichment facilities.
“Flame was a failure for the antivirus industry. We really should have been able to do better. But we didn’t. We were out of our league, in our own game.”
Hypponen is clear. While the AV industry is out of its league, it is still its responsibility to counter every threat regardless of its origins. My concern is that the world’s IT industry will find itself opposed to this new threat actor, the United States. If DARPA is developing new attack methodologies, then the industry will develop new defenses in response.
Every secret weapon developed in the cyber domain remains secret only until first use. The target always sees the attack and often captures enough information to dissect the methodology whether it involves malware or a network technique. Flame, Duqu, and Stuxnet were effective and secret for several years, but as Hypponen makes evident, the industry is ramping up quickly to address these types of attack.
The use of cyber weapons is going to pit the US military and intelligence community against the IT security industry. The repercussions are going to be complicated to sort out. President Obama recently issued an Executive Order making it illegal to sell filtering technology to Syria and Iran. This may be the first of many attempts to address a technological weakness with policy. It is a worst-case scenario, but not beyond imagination, to foresee a future where laws are passed to restrict defensive technology in an effort to protect some cyber attack capability.
The fallout from last week’s revelations of a new era in cyber force projection is going to have a wide range of effects. The impact on the security industry is one of them.
---
Just because I'm near the punchbowl doesn't mean I'm also drinking from it.