Should the US Use Hidden Data to Warn Industry of Attacks?

Cyber%20Attacks.jpg

Enterprise & Industry Accounted for over 70% of U.S. Cyber Attacks in 2014

When attribution in cyberspace is debated and discussed, most of the focus has been on whether the US government should take an offensive strike against cyber attackers. But recently, a different angle has surfaced: What’s the government’s role in leveraging the “Dark Web” — the Internet underworld inaccessible to the uninitiated — to give private-sector organizations a heads-up they’re in the crosshairs of adversaries?

The answer is pretty straightforward: Tipping your hand could mean compromising your sources close to the adversary and disrupt a valuable information-gathering process, said Shane Harris, Daily Beast senior intelligence and national security correspondent, speaking Sept. 1 at IBM’s i2 Summit for a Safer Planet in downtown Washington.

In the case of the Sony Pictures Entertainment hack, the US was fairly quick to publicly attribute the hack to North Korea. Less than a month following the cyberattack that leaked the entertainment conglomerate’s emails and financial information, the FBI issued a statement saying it had “enough information to conclude that the North Korean government is responsible for these actions.”
The hack was devastating — and humiliating to Sony. But what would have happened if the US government knew what the hackers were planning and had tipped off Sony? “You’d burn your sources in North Korea,” Harris said. 
So, with its vast trove of knowledge, should the government ever warn private-sector organizations about relevant chatter on the Dark Web sooner? There’s no straightforward answer.

The question is “whether the government has a responsibility to help its citizens or its corporations,” said Matthew Wong, director of intelligence for Flashpoint, who spoke with Nextgov a day after the event. “And sadly, the act of helping sometimes causes undesired effects. If you help a company, you’re risking your sources and methods, so that’s why the government sometimes doesn’t help citizens and companies even though it has the power and ability to do so,” he said.
Wong elaborated further: “You can have a short-term gain now, if you use this intelligence to protect this asset, and then you lose the long-term gain of intelligence and you potentially lose the ability to leverage that information to protect yourself in the long term.”

The conundrum about whether to notify intended targets about malicious activity isn’t new. During World War II, the UK cracked the Germans’ Enigma code, but to conceal its knowledge of the code, the UK had to sit idle, allowing certain “hazards” to occur, Wong said during the panel. (Alan Turing, the British mathematician who worked for UK’s code-breaking unit, is famously credited with cracking the Enigma code; however, Polish intelligence had years prior cracked the same type of messages.)

That strategy allowed the UK to gather more intelligence and study its adversary, gleaning valuable information and eventually winning the war.

“Just because we have the intelligence to stop every intrusion doesn’t mean we should,” Wong said.
DefenseOne: http://bit.ly/1goB6py

« Getting Hotter: China vs US Cyberwar
Russia & China Use Hacked Databases to Find US Spies »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Dark Reading

Dark Reading

Dark Reading is the most trusted online community for security professionals.

Vector InfoTech

Vector InfoTech

Vector InfoTech is a leader in Industrial Security, Networks, IT and Telecommunications.

Trusted Objects

Trusted Objects

Trusted Object's mission is to provide state of the art security solutions and services enabling a strong root of trust for the IoT ecosystem.

DivvyCloud

DivvyCloud

DivvyCloud protects your cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges.

Kinetic Investments

Kinetic Investments

Kinetic Investments is a venture capital firm dedicated to early-stage companies that are transforming the digital landscape.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Saporo

Saporo

Saporo helps organizations increase their cyber-resistance. Continuously map your attack surface and get the recommendations you need to make your organization more resistant to attacks.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Immunefi

Immunefi

Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.

WheelHouse IT

WheelHouse IT

WheelHouse IT secures, manages, and advances businesses with innovative, cost-effective IT solutions.

Diversified Search Group - Alta Associates

Diversified Search Group - Alta Associates

Diversified Search Group is an industry leader in recruiting diverse, inclusive and transformational leadership for clients.

Security Solutions Services (S-3)

Security Solutions Services (S-3)

S-3 specialize in crafting tailored network design, security hardware, software, and storage solutions for businesses of all sizes.

TerraZone

TerraZone

TerraZone is a global cyber security and privacy solutions provider to governments and enterprises.

Ncontracts

Ncontracts

Our mission at Ncontracts is to continually improve our clients’ ability to manage risk and compliance.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.

Foresights

Foresights

Foresights is a Nordic company utilizing advanced intelligence tradecraft and extensive cyber security capabilities to deliver services and advisory tailored to our client’s critical requirements.