Cyber assault teams on the loose?

For those who did not see the beginning of the movie Die hard 4, it starts with a high tech assault team invading the home, better, room of what looks like a student running some computers. Bullets fly, normally everyone would die, but Bruce Willis comes out alive. Of course.

Yesterday, at the NL IGF meeting on Internet regulation or trust, someone asked a panelist, whether we would need cyber commandos to take down malicious activities on the Internet. This sounded very tough and in my mind’s eye I could see the commandos go.

Invade an ISP?
Then I asked myself, where would they go? To the domain name reseller who registered some bogus domain names? To the IP address organisation to revoke the IP block? To the hosting company that rents out a server? To the ISP? To a bank? To an international money transfer service? To an organisation announcing an ASN? To the company routing traffic? The long distance carrier? To a money mule? To … And all in different nations?

Or discuss safer software?
I’m sure this is not what the person asking the question was thinking of, at least I hope so, but these are the very different parties cyber defence or offence officers run into. A country, just like an organisation, will want to know who is behind an attack, but as we know on the Internet it is easy to mask that. Maybe it’s time that those responsible for agendising topics on cyber defence should start to look at rooting out obfuscation possibilities in software. Pushing back anonymity where it is not necessary, may be a way forward towards a true solution. I am glad to say that, albeit in a generalised form, it did entered the discussion, as someone remarked that software vendors have to come up with better products. There are many small silver bullets that can make one big one.

So I’m afraid for now cyber commandos will remain active in the virtual world only. Sitting in a bunker, behind a lap or desktop defending the nation.

Wout de Natris, De Natris Consult

Leiderdorp, Thursday 26 May 2011

Advertisements

About Wout de Natris

As a consultant I specialise in establishing new and different relationships between industry, governments and law enforcement where internet safety and the fight against cyber crime are concerned. This makes me a bridge builder. Hence the blogs name. In this blog I intend to stress the need for interaction, cooperation and exchange of information in order to change the mentioned relationships. On offer: a comprehensive training on all non-technical aspects of spam enforcement and a cyber awareness presentation for companies and institutions
This entry was posted in Botnets, Cyber crime, Cyber espionage, Cyber security, Cyber warfare, spam and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s