Our hawks (aka warmongers), with their loyal journalist-enablers, have sparked a new round of hysteria about North Korea’s cyber-attack on Sony. Kim Zetter at Wired gives a good analysis in “North Korea Almost Certainly Did Not Hack Sony”. The Hollywood Report cites insiders pointing to disgruntled current or former employees (Sony has many of both). To understand why we might never know the guilty party, see this post by Marcus Ranum from 2011: attribution of cyberattacks runs from difficult to impossible. Click at the end to see the full post.
Cyberwar: About Attribution (identifying your attacker)
Summary: Identifying the attacker is the key to modern military defense, so one can launch a reprisal or counter-strike. But attributing cyberattacks is difficult because nothing in cyberspace has to look like anything familiar. How do you attribute a weapon that was created out of thin air and used by an enemy that has no physical location? Links to other chapters of this series are at the end.
Contents
- Cyberspace, Novel Weapons, and Location Independence
- Technology, Language, Culture, and Cui Bono
- A Model For Attribution
- About the author
- For more information
(1) Cyberspace, Novel Weapons, Location Independence
Cyberspace does have some unique attributes which are not mirrored in the real world, such as the nonexistence of “territory”. There is no “there” there. Some of the things we are accustomed to taking into account in warfare are missing: hostile forces do not need an ‘assembly zone’ that can be detected and watched. Nor do they have to cross ground — where they leave traces of the type that we’re used to dealing with.
Imagine if a hostile power was going to insert a covert operations team into a target area and wanted to be stealthy enough to achieve plausible deniability. In the past troops could be outfitted with uniforms that had been carefully scrubbed of clues to their origin, “sanitized” weapons, etc. Providing such kit was expensive and exacting work. Inserting them into a target, nowadays, would entail avoiding the ubiquitous video-surveillance cameras, providing false identities under which to travel, laundering funds for the operators, and then having an equally carefully scrubbed extraction plan.
In the real world, this kind of thing is expensive and complex. In cyberspace it is relatively easy and practically free. There are some caveats about the “easy and free” claim, depending on the quality of the defenses that are being attacked but — as we’ve been assured over and over again by our government’s own technical experts — our defenses, to put it bluntly, suck.