Thursday, June 8, 2017

How to pick targets

Do people read these? I'm guessing...not.

There's a whole class of individuals out there with no real job description because "Cyber Warrior" sounds pretentious as hell. But that's as close as we get, and the most important thing they do is pick targets.

What cyber war attacks best is ideologies. But "ideology" is a fuzzy term. So what I like to use to predict fruitful (haha) areas of research is essentially a combination of "hypocrisy" and "industry based on illusion". In other words, how do you get the biggest bang for your buck by manipulating or releasing information? First, your opponent must be off-balance in some way, like how the DNC was, to anyone with the right eyes.

The massive food distribution network is well within the risk area of this kind of analysis. No doubt, when federal policy teams get around to it, they will try to classify it all as "critical infrastructure", which is what they do when scared.

We don't have a TON of real research in the open space on how to find areas where you have a lot of leverage for cyber war effects. People sort of run from one exciting moment to another. Yesterday, car hacking is hot! Today, political hacking and info-war!

But just to start by adding some propane to the fire:

Food distribution combines these fun things (collect them all!):

  • Massive, distributed, country-sized wireless networks
  • Full of old special-purpose hardware and software with complex supply chains and basically no forensic capability
  • Where any level of UNCERTAINTY, let alone visual physical effect, can cause mass disruptions. You don't have to poison every grape - just ONE GRAPE - in order to make all the grapes worthless
  • No long history of massive security investment (unlike, say, the financial sector)

When you look at strategy in combat or gaming, there's a lot of talk of the "meta". In other words, under a given ruleset, what are the best-fit resource allocations for success? But what you see with champions is that they almost always go OFF META. Because the true meta is always surprise. With cyber it is no different. Russia's plans worked because they were a surprise. And our response, as well, must be.
