The National Program for Public Safety – PRONASCI. Mr. Jim Simon, Chief Strategist, Worldwide Public Sector, Microsoft Corporation, jisimon@Microsoft.com
The Sound Of Death
Order & Chaos
Nation state attackers differ from criminals and others. Purpose, effectiveness, and repeatability matter for the “rational” nation state.
“They wouldn’t dare!” Dean Rusk (Chinese intervention in Korea) • See the battlefield; know the battlefield. Know the players--ALL the players. • active or passive, • offense or defense, • motivated by money, ideas, or power.
“What is called “foreknowledge” cannot be elicited from spirits, nor from gods, nor by analogy with past events, nor from calculations. It must be obtained from men who know the enemy situation.” Sun Tzu • Launch no attack without careful and deliberate reconnaissance. Knowledge of the target is necessary for effective attack. Follow technological trends, anticipate and take advantage of change.
“Predicting is hard work, especially about the future.” Niels Bohr • No attack may be launched without an assessment of the balance between risk and reward. Probability of success must be assessed and the risk of unwanted damage understood, with special attention paid to the ability and will of a target to counter-attack.
“Yea, they have chosen their own ways, and their souls delighteth in their abominations… When I spake, they did not hear: but they did evil before mine eyes, and chose that in which I delighted not.” Isaiah 66:3-4 • Unless consciously decided, the origin of the attack must be un-provable. Any attack in which the attacker is evident, or which is blamed on another, is a policy decision made at the highest levels.
“Even our intellect does not work rationally. Habit, which is rationally indefensible, is the main force that guides our thoughts and actions.” David Hume • Technological change occasionally risks the viability of the most advanced weapons. When this circumstance is foreseen, consider immediate use against the highest-value targets, no matter your attachment to the “weapon of weapons.”
“Making plans is too often the occupation of an extravagant and boastful mind. It thus obtains the reputation of creative genius by demanding of others what it cannot itself supply, by denigrating what it cannot improve, and by proposing what it knows not where to find.” Immanuel Kant • Choose the most precise attack that strikes the specific target, and no other. Promiscuous attacks raise unwanted alarm and risk unpredictable collateral damage. Precision strikes can allow cyber weapons to be re-used against less-capable targets, even within the same entity.
Chaos theory tells us that the phenomenon of non-linearity means that results are not proportionate to cause. • Choose the simplest means that both meets the objective and is appropriate for the specific target’s value. Attack the oldest, least capable systems first; reserve the best weapons for the highest-value targets.
“May God defend me from my friends; I can defend myself from my enemies.” Voltaire • Choose the easiest mode of attack that offers precision. If the window is open, don’t break down the door. Suborn an employee or attack through the supply chain if at all possible.
The information you have is not what you want.
The information you want is not what you need.
The information you need is not what you can get.
The information you can get costs more than you want to pay.
• Choose the attack that can be effective in the shortest time to forestall or complicate countermeasures. Get in, get out.
Insanity is the belief we can do the same things over and over, but some day the outcome will be different. • Preferentially attack the most isolated systems. This ensures we can accurately predict the range and consequence of the attack and accurately control collateral damage.
“Adding routes to an already congested network will only slow it down.” Dietrich Braess • When attacking a complex system that spans entities, attack the weakest link. This is particularly useful against cooperating targets (like alliances) or intra-governmental efforts. Sowing distrust in a system or among allies can multiply the effectiveness of other attacks.
“Confusion to our enemies!” CIA toast • Consider choosing attacks that confuse or mislead the defender. Confusion is always helpful, and “cry wolf” attacks and feints may lead the target to ignore or be blind to more advanced, more valuable attacks.
“A Black Swan for the turkey is not a Black Swan for the butcher.” N.N. Taleb • The creation and testing of cyber weapons has to be done with care—otherwise an alert defender can predict the attack vector and pre-emptively counter weapons effects.
What Can Be Done NOW!!!
• Go to IPv6 now
• Patch & upgrade—“new” complicates “how”
• Try not to be the easiest target on your block
• Be ruthless with unauthorized hardware/software
• Beware of customization
• Be able to detect and respond to first instance deviations in your system
“You shall reveal to him your secrets.” -- He of the Sedge and of the Bee, Menmaatre Son of Re, Seti Merenptah, L-P-H