From SANS:
–Over Use of "Cyberwar" Concerns Some Experts
(May 5, 2010)
Experts gathered this week in Dallas, Texas for the Worldwide
Cybersecurity Summit. Some cautioned against the use of the term "cyber
war" as a catchall phrase to mean everything from fraudulent financial
transactions to attacks on critical infrastructure networks that could
threaten lives. Classifying all criminal computer activity as cyber
warfare could, in the minds of organizations, place the responsibility
for addressing the problem in the hands of the government, when it is a
problem that needs to be addressed by the public and private sectors
working together.
(((I wonder if these Dallas guys think that cyberwarfare emanates from
"public and private sectors working together." Like, say, GhostNet
infiltrating Indian computers. Is that "public and private sectors working
together"? Are there any botnets that come from either public or private sectors?
"This is our public-sector botnet." Boy, I'd like to see one of those.)))
Microsoft's Scott Charney believes cyber threats need
to be differentiated and has offered suggestions for four categories:
conventional cyber crime, military espionage, economic espionage, and
cyber warfare. Even then, rules for cyber warfare need to be
thoughtfully considered and thought out because a country could find
itself at "war" with an individual. The term may also play into the
difficulties countries have experienced in drafting international cyber
crime cooperation agreements.
(((It's like watching elephants discussing countermeasures for army ants.
"But they have no trunks... and no tusks... I'm concerned that this discussion may play
into the hands of our domestic opponents the donkeys.")))
http://www.msnbc.msn.com/id/36969943/ns/technology_and_science-security/
[Editor's Note (Pescatore): The term is definitely overused and
overhyped and directs attention in the wrong direction. Focus on the
threat is great for selling novels, focus on the vulnerabilities is what
protects business.]
(((Maybe it's just lone terrifying super-empowered individual me, but I always thought that "warfare" was supposed to be about "providing for the common defense," not "protecting businesses." I'm all for selling thriller novels, but I'm not real keen on government computers becoming wholly-owned subsidiaries of hardware vendors.)))
(((So: cyberwar, or commerce? It's whatever we want it to be, while you're still trying to get Congressional funding.)))
http://www.globaltimes.cn/www/english/sci-edu/china/2010-05/529505.html
http://business.timesonline.co.uk/tol/business/markets/china/article7121521.ece
*Imagine the fun:
http://www.zdnet.com/blog/security/should-a-targeted-country-strike-back-at-the-cyber-attackers/6194
