Should the US Use Hidden Data to Warn Industry of Attacks?

Cyber%20Attacks.jpg

Enterprise & Industry Accounted for over 70% of U.S. Cyber Attacks in 2014

When attribution in cyberspace is debated and discussed, most of the focus has been on whether the US government should take an offensive strike against cyber attackers. But recently, a different angle has surfaced: What’s the government’s role in leveraging the “Dark Web” — the Internet underworld inaccessible to the uninitiated — to give private-sector organizations a heads-up they’re in the crosshairs of adversaries?

The answer is pretty straightforward: Tipping your hand could mean compromising your sources close to the adversary and disrupt a valuable information-gathering process, said Shane Harris, Daily Beast senior intelligence and national security correspondent, speaking Sept. 1 at IBM’s i2 Summit for a Safer Planet in downtown Washington.

In the case of the Sony Pictures Entertainment hack, the US was fairly quick to publicly attribute the hack to North Korea. Less than a month following the cyberattack that leaked the entertainment conglomerate’s emails and financial information, the FBI issued a statement saying it had “enough information to conclude that the North Korean government is responsible for these actions.”
The hack was devastating — and humiliating to Sony. But what would have happened if the US government knew what the hackers were planning and had tipped off Sony? “You’d burn your sources in North Korea,” Harris said. 
So, with its vast trove of knowledge, should the government ever warn private-sector organizations about relevant chatter on the Dark Web sooner? There’s no straightforward answer.

The question is “whether the government has a responsibility to help its citizens or its corporations,” said Matthew Wong, director of intelligence for Flashpoint, who spoke with Nextgov a day after the event. “And sadly, the act of helping sometimes causes undesired effects. If you help a company, you’re risking your sources and methods, so that’s why the government sometimes doesn’t help citizens and companies even though it has the power and ability to do so,” he said.
Wong elaborated further: “You can have a short-term gain now, if you use this intelligence to protect this asset, and then you lose the long-term gain of intelligence and you potentially lose the ability to leverage that information to protect yourself in the long term.”

The conundrum about whether to notify intended targets about malicious activity isn’t new. During World War II, the UK cracked the Germans’ Enigma code, but to conceal its knowledge of the code, the UK had to sit idle, allowing certain “hazards” to occur, Wong said during the panel. (Alan Turing, the British mathematician who worked for UK’s code-breaking unit, is famously credited with cracking the Enigma code; however, Polish intelligence had years prior cracked the same type of messages.)

That strategy allowed the UK to gather more intelligence and study its adversary, gleaning valuable information and eventually winning the war.

“Just because we have the intelligence to stop every intrusion doesn’t mean we should,” Wong said.
DefenseOne: http://bit.ly/1goB6py

« Getting Hotter: China vs US Cyberwar
Russia & China Use Hacked Databases to Find US Spies »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Centre for Development of Advanced Computing (C-DAC)

Centre for Development of Advanced Computing (C-DAC)

C-DAC is the premier R&D organization of the indian Ministry of Electronics & Information Technology. Areas of research include cyber security.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

Boldon James

Boldon James

Boldon James are market leaders in data classification and secure messaging software.

Steganos

Steganos

Steganos offers highly secure and easy to use software tools that protect and secure on and offline data.

NLnet Labs

NLnet Labs

NLnet Labs is a not-for-profit foundation with a long heritage in research and development, Internet architecture and governance, as well as security in the area of DNS and inter-domain routing.

Cybersecurity Professionals

Cybersecurity Professionals

Search vacancies from top cyber security jobs worldwide on CyberSecurity Professionals. View IT security jobs or upload your CV to be seen by recruiters from industry leading firms.

Altaro Software

Altaro Software

Altaro provide backup solutions that are intuitive, easy to use, well-priced and backed by outstanding 24/7 support as part of the package.

Cyber Threat Alliance

Cyber Threat Alliance

CTA is working to improve cybersecurity of our digital ecosystem by enabling near real-time cyber threat information sharing among companies and organizations in the cybersecurity field.

SWAT Systems

SWAT Systems

SWAT Systems is an IT support and cyber security managed service provider.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

MCPc

MCPc

MCPc improves the security and well-being of our clients. We protect data, manage the complexity and sustainability of technology, empower employee performance, and ultimately reduce business risk.

Securix

Securix

SECURIX AG delivers holistic IT security solutions that are tailored to the specific challenges and requirements of your company.

Ermetic

Ermetic

Ermetic’s identity-first cloud infrastructure security platform provides holistic, multi-cloud protection in an easy-to-deploy SaaS solution.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Atlantic Data Security

Atlantic Data Security

Atlantic Data Security is skilled in the analysis, recommendation, deployment, and management of all critical components of the security infrastructure.

Ivolv Cybersecurity

Ivolv Cybersecurity

Ivolv is here to assist your organization in building effective protection and resilience against cyber attacks.