Cybersecurity and Cyberwarfare: Difference between revisions

From Technologies and Politics of Control
Jump to navigation Jump to search
No edit summary
(UTurn to 1303516799)
 
(12 intermediate revisions by 9 users not shown)
Line 25: Line 25:
'''May 3'''
'''May 3'''


Cybersecurity has been identified as one of the greatest challenges facing the United States today, but it is ill-defined and almost impossible to address. How can we frame this problem to better inspire solutions? How should government, military, businesses, and technologists approach the problem from different angles and do these different approaches work together?   
Cybersecurity has been identified as one of the greatest threats facing the United States today, but it is ill-defined and almost impossible to address. How can we frame this problem to better inspire solutions? How should government, military, businesses, and technologists approach the problem from different angles and do these different approaches work together?   
 
Slides: [http://cyber.law.harvard.edu/is2011/sites/is2011/images/IS2011-5.3.11-Cybersecurity_and_Cyberwarfare.pdf Cybersecurity and Cyberwarfare]
<onlyinclude>
<onlyinclude>
== Readings ==
== Readings ==
Line 36: Line 34:


== Optional Readings ==
== Optional Readings ==
* Whitehouse.gov, [http://www.whitehouse.gov/cybersecurity Comprehensive National Cybersecurity Initiative, Cyberspace Policy Review]
* Jack Goldsmith, [http://www.brookings.edu/papers/2010/1208_4th_amendment_goldsmith.aspx The Cyberthreat, Government Network Operations, and the Fourth Amendment]
* Jack Goldsmith, [http://www.brookings.edu/papers/2010/1208_4th_amendment_goldsmith.aspx The Cyberthreat, Government Network Operations, and the Fourth Amendment]
* Jane Holl Lute and Bruce McConnell, [http://www.wired.com/threatlevel/2011/02/dhs-op-ed/ Op-Ed: A Civil Perspective on Cybersecurity]
* Jane Holl Lute and Bruce McConnell, [http://www.wired.com/threatlevel/2011/02/dhs-op-ed/ Op-Ed: A Civil Perspective on Cybersecurity]
* Zittrain, [http://www.scientificamerican.com/article.cfm?id=freedom-and-anonymity Freedom and Anonymity]
* Zittrain, [http://www.scientificamerican.com/article.cfm?id=freedom-and-anonymity Freedom and Anonymity]
* Infoweek, [http://informationweek.com/news/security/attacks/229401866 Leaked Cables Indicate Chinese Military Hackers Attacked U.S.]
* CNET, [http://news.cnet.com/8301-27080_3-20055091-245.html Cyber attacks rise at critical infrastructure firms]
</onlyinclude>
</onlyinclude>


Line 47: Line 42:


* [http://www.chathamhouse.org.uk/publications/papers/view/-/id/967/ On Cyber Warfare]
* [http://www.chathamhouse.org.uk/publications/papers/view/-/id/967/ On Cyber Warfare]
A little early for this, but I would like to share this nice paper written by analysts and researchers at Chatham House. It's pretty fundamental, I would recommend it to anyone who encounters this subject for the very first time. --[[User:Jastifdonty|Jastify]] 22:55, 31 January 2011 (UTC)
A little early for this, but I would like to share this nice paper written by analysts and researchers at Chatham House. It's pretty fundamental, I would recommend it to anyone who encounters this subject for the very first time. --[[User:Jastify|Jastify]] 22:55, 31 January 2011 (UTC)
 
: Great recommendation.  I've added the executive summary to the required readings list. --[[User:Dardia|Dardia]] 23:50, 10 February 2011 (UTC)
Great recommendation.  I've added the executive summary to the required readings list. --[[User:Dardia|Dardia]] 23:50, 10 February 2011 (UTC)
 
I wanted to submit this article to add to the discussion. I found it to be interesting. Cybersecurity is probably the most vital issue to our country's infrastructure today. The recent military operation to take out  Osama bin Ladin would have failed miserably if knowledge of the raid was disclosed. To keep our intelligence reports under wraps should be among our highest priorities. While the government wages wars on three fronts at once, it is difficult but nessessary to ensure our reports stay out of our enemies hands. By blocking IP addresses and using more sophisticated encryption, we will be well on our way to protecting our great country. The world runs through the Internet, and so does our future.  [http://delivery.acm.org/10.1145/1840000/1839688/p33-brenner.pdf?key1=1839688&key2=5956834031&coll=DL&dl=ACM&ip=74.90.79.253&CFID=18979663&CFTOKEN=55280022] [[User:Joshuasurillo|Joshuasurillo]] 01:47, 3 May 2011 (UTC)
 
Cyberthreats are real and pervasive.  The people within IT infrastructure have been fighting the battle for years.  It makes no difference whether you work for a government, business or school – every domain (gov, com & edu) is under attack.  Private business and the military arm of the government are the most concerned about security, so they were the first to adopt network access control and identity management.  Security is enforced by verifying the identity of each user and device before allowing them to gain access to the network.  This, of course, runs counter to the idea of a free, open and anonymous Internet.  Yes, we can do a lot to protect the public by having the ISPs filter and block malware (search for SonicWALL and Blue Coat for examples) but it’s not enough to stop all breaches and wastes precious bandwidth.  Our government recognizes this and is actively promoting what would become a national electronic identity “ecosystem.” (Their euphemism; see http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf) Jack Goldsmith had some well reasoned arguments why we should expect more government controls.  Finally, a good taxonomy of Internet security practices can be found in the pages of Chief Security Officer Magazine at http://www.csoonline.com/. [[User:ChrisSura|-Chris Sura]]
 
Even with additional security measures instituted, there will always be someone looking for a way around it.  Jack Goldsmith's suggestion (suggested earlier by Zittrain), that additional measures be placed at the ISP level brings in significant risk to the ISPs.  What if the measures are put in place and something (inevitably) gets through?  Are the ISPs then liable for this?  Hacking and break-ins will continue to occur even at some of the most "secure" sites.  RSA, an industry security leader recently had their systems compromised, which led to information being extracted from their systems.  The fact that extremely sophisticated and targeted attacks can happen at secure Nuclear Power plants (Stuxnet worm), means that ISPs have would have their hands full with any targeted attack.
http://www.rsa.com/node.aspx?id=3872  [[User:Earboleda|Earboleda]]


== Links ==
== Links ==

Latest revision as of 16:58, 17 January 2013

Syllabus


May 3

Cybersecurity has been identified as one of the greatest threats facing the United States today, but it is ill-defined and almost impossible to address. How can we frame this problem to better inspire solutions? How should government, military, businesses, and technologists approach the problem from different angles and do these different approaches work together?

Readings

Optional Readings


Class Discussion

A little early for this, but I would like to share this nice paper written by analysts and researchers at Chatham House. It's pretty fundamental, I would recommend it to anyone who encounters this subject for the very first time. --Jastify 22:55, 31 January 2011 (UTC)

Great recommendation. I've added the executive summary to the required readings list. --Dardia 23:50, 10 February 2011 (UTC)

Links

Retrieved from "http://cyber.harvard.edu/is2011/?title=Cybersecurity_and_Cyberwarfare&oldid=9236"