Skip to content

The inherent Asymmetry of online attacks

Katie Moussouris explains teh Cyber and how it is asymmetric:

»”#Cassandra moment: Explaining that determining “cyber norms” in today’s world order misses emerging capabilities & motivations of new actors.

Forget “attribution”. Not what I mean. Deterrence, state responsibility, etc in existing state context assumes most want to keep stability.

Plenty of non-terrorist smaller states & non-state-non-criminal actors have or can acquire capabilities & would not be sanctionable, for example when we think through deterrence strategies, consider not just world order we have that prefers stability, but those who prefer destability.

We’re erroneously trying to defend against a magnetic power reversal of the N & S poles, but the cyberwar powers are everywhere & unaligned.

We miss the point if we think the answer is to contain those weapons/tools. We hurt defense when we limit their distribution for analysis.”«

Published inHackerterrorcybercyber

One Comment

  1. Rudolf Polzer

    As an anti-gun person, I find this argumentation oddly similar to the one of “gun nuts” in the US: “we need our guns so we can defend against the criminals who have guns”.

    One crucial difference though is that “hacker tools” almost always are easier to use for defense (locate security holes with nmap, OpenVAS, static analyzers, even Metasploit, then plug them) than offense – the only real exception I can think of is DDoS software and malware – as opposed to guns, which are easier to hurt than to defend with. Also the danger of accidents does differ a lot. So banning/restricting those tools quite obviously hurts the defender more than the attacker.

Leave a Reply

Your email address will not be published. Required fields are marked *