Enhance cybersecurity awareness and survivability for DoD, industry partners, and academia in the face of the ever-increasing threat of cyber attacks. Cybersecurity (CS) includes managing risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes, including analog and physical form. CS includes information availability, identification and authentication, confidentiality, integrity, and non-repudiation as well as the economic considerations with respect to selection of CS techniques, CS processes, and industry trends.
Do not look for the silver bullet solution.
05/26/2016 at 8:27 am #6162
Government needs to stop thinking about a silver bullet solution that will protect every computer and start thinking about a solution to protecting the really important industrial plants. These are the plants that involve our water supplies, electrical plants, etc. These are the targets that an enemy of the US will want to attack.
These plants can be protected by turning general computers with large numbers of executable programs into limited programs with limited numbers of executable programs. The limited number of executable programs would be protected by tripwire, and before an executable program is activated there would be a check that the signature for the file matches the tripwire signature for the file. The weakness of tripwire is that it does not do a check when a program file is activated.
A cyber attacker may be able to access a limited computer system but the attacker will not be able to activate a malicious program on the system since there will not be a valid signature for the malicious program.
The signatures for the programs would be stored upon a read-only device and this would prevent an attacker from using a valid signature for the malicious program.
The limited system also should not have any programs that load programs at startup. If this was adopted by general programs it would make it harder for hackers to have their malicious program activated at startup.
This is not a solution for all computers but it can be a solution for important systems.
There will be even more protection for these systems if there is only access to defined websites. There is no reason for an operator on a plant system to have access to any website.
By the way, this idea was sent to various DoD organizations in 2002.
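The launch-time check proposed in the post above, sketched as an added example that is not part of the original post. The manifest format, the use of SHA-256 digests as the "signature", and the names `load_manifest`, `check_before_exec`, `pump_ctl` and `dropped_tool` are assumptions made for illustration; the sample files are constructed.

```python
import hashlib
import hmac
import os
import tempfile

def load_manifest(text):
    """Parse '<sha256 hex> <absolute path>' lines into {path: digest}."""
    manifest = {}
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        digest, path = line.strip().split(None, 1)
        if len(digest) != 64 or not os.path.isabs(path):
            raise ValueError(f"bad manifest line: {line!r}")
        manifest[path] = digest.lower()
    return manifest

def digest_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        while chunk := f.read(65536):   # read in chunks, not all at once
            h.update(chunk)
    return h.hexdigest()

def check_before_exec(path, manifest):
    """Decide at launch time whether `path` may run; returns (allowed, reason)."""
    real = os.path.realpath(path)          # resolve symlinks before the lookup
    expected = manifest.get(real)
    if expected is None:
        return False, "not in manifest"    # default deny: unknown program
    if not hmac.compare_digest(digest_file(real), expected):
        return False, "digest mismatch"    # file changed since the baseline
    return True, "ok"

def demo():  # constructed sample files with hypothetical names
    root = os.path.realpath(tempfile.mkdtemp())
    approved = os.path.join(root, "pump_ctl")
    unlisted = os.path.join(root, "dropped_tool")
    for p in (approved, unlisted):
        with open(p, "wb") as f:
            f.write(b"#!/bin/sh\necho " + os.path.basename(p).encode() + b"\n")
    manifest = load_manifest(f"{digest_file(approved)}  {approved}\n")
    first = check_before_exec(approved, manifest)
    unknown = check_before_exec(unlisted, manifest)
    with open(approved, "ab") as f:        # modified after the baseline
        f.write(b"echo extra\n")
    return first, unknown, check_before_exec(approved, manifest)

if __name__ == "__main__":
    print(demo())
```

In the post's design the manifest would sit on the read-only device. An enforcement point also has to launch the same bytes it hashed, since checking a path and then executing that path leaves a window in which the file can change.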
07/25/2016 at 11:06 am #6513
I think the idea is correct, to focus on vital national infrastructure has to be a prime objective of the cyber defense teams. However, you're looking at setting up a national botnet created by the government. Basically, a program that is activated if the tripwire sends the signal. But opening up a link to the different infrastructure a pre-established link would require a completely error free program, with absolutely no back door access. Even with required access to make any alterations, it would have to be set up as a consistently evolving system similar to how AIDS/HIV has been such a difficult virus to treat, because it evolves before a vaccination can be developed. Its entire design in this simple single cell organism is to reproduce and protect itself by evolution. This system would require that level of self evolution to protect the system from being breached. There are many systems within the Government that have been exploited even with an extremely minimal amount of access.
The vital infrastructure of our nation needs pertaining to utilities needs to be completely sealed off from any outside connections. With a system that can only be connected to through the use of a completely unique hardline. Then it needs to have a limited access signature design that you described as further protection. By alienating the access you create the most foolproof penetration system. Plus a government mandated public sector botnet is not something that people are not going to accept in the large scale population. One if the tripwire mechanism is somehow activated, and the limited processes and use of the nation's personal computing power is activated. Backwards engineering has the potential to put the entire nation's personal computers at risk. Even if risk is not a factor people generally do not react to having their private computers loaded with Governmental software they will naturally expect the worst, that at any time the government can invade their private lives. History shows us that when the public feels they have lost privacy, societies react poorly to a “Police state.”
I am not implying that your idea wouldn’t work, just that like all plans it’s important to objectively analyze public relations with the Governmental body. There are also the unmentioned sectors that need protection, such as our financial institutions, stock markets, these are also hard targets of hackers and terrorists. Then you have college institutions, hospitals, clinics, military databases, Government databases, a country that has information on our president’s current health is a dramatic risk. That was something I learned in my first college Sociology of International Relations class. These institutions all have a vital need for protection and many of them can’t be just removed from the grid. They need to be given the means to properly protect their networks. However, with the growth of devices owned by visitors, employees, and temporary staff all create unprotected gateways and vulnerability points for these institutions. We already know through the acts of 9/11 that terrorists target our financial sectors, the Pentagon, they were both primary targets of these organizations. Think back to the old concept visited by “Live free and Die Hard” of a complete “Firesale” crippling each major sector. Crippling transportation, utilities, government, communication, finance, military operations, all things that play major factors in the way we now live our lives. Hospitals scan in every medicine delivered to a patient, their entire treatment plan, the very information vital to keeping Intensive care patients alive, it’s all digital, and the loss of such data could cause detrimental fate for numerous lives. Combine that with other forms of terrorist attack and you create mass chaos. Terrorism by definition is the use of fear or terror to control or manipulate a target group into a certain behavior.
You’re correct there is no silver bullet for all Cyber Security threats, but that’s why people with the skills to collectively target each type of operation are so imperative. We need multiple task force directed agency-led groups to act as the immune system against cyber security threats. It should have been a primary objective since the dawn of the Internet of Things, but now more than ever recruitment and training of individuals with educational training or natural skill in Cyber Operations is vital. Because we need a large enough, and skilled enough “Cyber Immune System” to combat each type of emerging threat. The ones we already know are being targeted and the ones that have yet to reveal themselves. We need to provide a systematic but human threat prevention directive. Any target protected by a purely systematic virtual reactionary system is still open to vulnerabilities perhaps not immediately but with each evolution in tech, creates a new wave of potential threats. The human element is needed as it is almost a competitive system with hackers. Who can outwit, outperform, and create answers to threats. The only possibility of a system to counter all cyber threats would be in an A.I. system and we do not have the ability to control or contain a system with that level of intelligence and ability to grow. Once we allow a system to learn on its own, protect systems itself, become self-aware, and analyze humanity as a whole will be analyzed by that system. And with an A.I. you’re talking about a potentially immortal being, one that will evaluate our entire history which is easy enough online, in an extremely quick amount of time. If this system has access to all the things that keep our society flowing in a healthy manner, we have to know that the system will deem us worthy of existence, because we gave it the control to devastate our existence. This is why the human system is necessary. The discussion of a self-educated A.I. is one that requires a great deal of further engineering and analysis.
The threats are human, we need to stick with the tactical approach of a human v. human technology enhanced threat prevention objective. I am only a cybersecurity student but I have been working with computers, hardware, and software development since I was 10, at 31 I don’t believe I have a completely perfect background in Governmental Cyber Operations unit, but I believe my general knowledge of counter-hacking, and Cyber Operations tells me that no single protective measure is 100% perfect, but we need to look at how society will respond to our decisions, and we need a human network for threat analysis and prevention.
I know this post may be older but still warranted a secondary opinion to the proposed threat plan listed above. The wrong idea even with the right intentions does not make it the correct approach.