Should the US Use Hidden Data to Warn Industry of Attacks?

Enterprise & Industry Accounted for over 70% of U.S. Cyber Attacks in 2014

When attribution in cyberspace is debated and discussed, most of the focus has been on whether the US government should take an offensive strike against cyber attackers. But recently, a different angle has surfaced: What’s the government’s role in leveraging the “Dark Web” — the Internet underworld inaccessible to the uninitiated — to give private-sector organizations a heads-up they’re in the crosshairs of adversaries?

The answer is pretty straightforward: Tipping your hand could compromise your sources close to the adversary and disrupt a valuable information-gathering process, said Shane Harris, Daily Beast senior intelligence and national security correspondent, speaking Sept. 1 at IBM’s i2 Summit for a Safer Planet in downtown Washington.

In the case of the Sony Pictures Entertainment hack, the US was fairly quick to publicly attribute the hack to North Korea. Less than a month following the cyberattack that leaked the entertainment conglomerate’s emails and financial information, the FBI issued a statement saying it had “enough information to conclude that the North Korean government is responsible for these actions.”
The hack was devastating — and humiliating to Sony. But what would have happened if the US government knew what the hackers were planning and had tipped off Sony? “You’d burn your sources in North Korea,” Harris said. 
So, with its vast trove of knowledge, should the government ever warn private-sector organizations about relevant chatter on the Dark Web sooner? There’s no straightforward answer.

The question is “whether the government has a responsibility to help its citizens or its corporations,” said Matthew Wong, director of intelligence for Flashpoint, who spoke with Nextgov a day after the event. “And sadly, the act of helping sometimes causes undesired effects. If you help a company, you’re risking your sources and methods, so that’s why the government sometimes doesn’t help citizens and companies even though it has the power and ability to do so,” he said.
Wong elaborated further: “You can have a short-term gain now, if you use this intelligence to protect this asset, and then you lose the long-term gain of intelligence and you potentially lose the ability to leverage that information to protect yourself in the long term.”

The conundrum about whether to notify intended targets about malicious activity isn’t new. During World War II, the UK cracked the Germans’ Enigma code, but to conceal its knowledge of the code, the UK had to sit idle, allowing certain “hazards” to occur, Wong said during the panel. (Alan Turing, the British mathematician who worked for the UK’s code-breaking unit, is famously credited with cracking the Enigma code; however, Polish intelligence had cracked the same type of messages years earlier.)

That strategy allowed the UK to gather more intelligence and study its adversary, gleaning valuable information and eventually winning the war.

“Just because we have the intelligence to stop every intrusion doesn’t mean we should,” Wong said.
DefenseOne: http://bit.ly/1goB6py
