In one graphic, John Robb captures the technical, mechanical, strategic, tactical and historical issues associated with mod-dren cyber conflict.
It also, intentionally or not, points out the myriad flaws with what passes for strategies to deal with these problems. People still chase the last-hop when that hasn’t mattered (if it ever did) for ages. Consequently, we futilely pursue “proof” when “intention” or “motivation” is more than sufficient (attribution, as commonly understood, is a pipe dream). National-strategic actions are facilitated/conducted by disinterested criminals (there is that black globalization at work) but we continue to let the FBI pursue “criminals” and the Pentagon to combat “enemies” and almost ner’ the two do meet.
Could have used this imagery when I was still on the job …
Update: Speaking of being on the job, Dir/USCERT is interviewed on this very subject. Closing ‘graphs:
What do you think will happen next in the area of cyberwar or hactivism? I don’t know. It will happen again, but I don’t necessarily know if it’s going to be [an attack as occurred in Estonia.] We’re sort of in uncharted territory. You don’t know what is going to upset an individual or a group to see if later they will launch a cyberattack.
Will politically motivated attacks be more frequent? There is the potential for it to be more frequent based on the attention brought to what happened in Estonia.
I invite the Director to hop onto the (secret and above) network(s) and Google “Hacktivism: Implications for the Defense Information Infrastructure” by your’s truly. I was a little enthusiastic about the timeline (mea culpa) but if memory serves the conclusions still hold true.
