Black Hat puts 'offense' on its cyber agenda

Stuxnet worm helps to bring into the open the offensive capability of cyber weapons, experts say

ARLINGTON, Va. -- The ability of the Stuxnet worm to damage Iran's nuclear complex demonstrated, in a very public way, the capabilities of cyber weapons. That was not lost on the program team of the Black Hat conference, or its founder, Jeff Moss.

Moss, a security consultant who was appointed in 2009 to serve on the U.S. Dept. of Homeland Security Advisory Council, said some experts call Stuxnet the "first targeted cyber weapon attack," a declaration he takes issue with.

"I don't believe it is the first one - I think it is the first public one," said Moss. "I think it's the first one that we all get to talk about out loud."

Discussions about techniques that are used to mount offensive attacks are also becoming increasingly public, at least at the Black Hat conference held this week at a hotel two Metro stops from the Pentagon.

The conference has specific tracks that look at offensive cyberwar capabilities, which are broadly called "irregular tactics" and "Web skirmishes."

Moss said Black Hat added such tracks at the latest conference "for people who legitimately perform offense."

Sessions about offense have long been part of Black Hat conferences, Moss pointed out, but previously the subjects focused on using such tactics to test defenses. "Now (offense) has its own rules," he added.

Meanwhile, Stuxnet is adding to a growing reference library of publicly disclosed cyberattacks, such as an intrusion into Google systems last year that was reportedly linked to China .

Moss believes the public disclosure of these attacks is elevating the role chief security officers, who now have tangible incidents to use as evidence in explaining IT risks to CIOs and CEOs.

But much remains unsettled.

When Stuxnet sent some of Iran's uranium enrichment centrifuges spinning out of control, the attack served to broadly illustrate the vulnerability of control systems, such as those used in various parts of the world's electric grid.

Franklin Kramer, a former assistant secretary of defense in President Clinton's administration, said a cyberwar won't be limited to any one domain, and government will need a menu of responses to cyber threats.

The first response level could be diplomatic, and the second economic, said Kramer. A third level may involve a cyber or "kinetic" response, military-speak for possible military action.

Kramer indicated that military action in response to a cyber-attack can't be ruled out. To illustrate his point, he cited the 1989 intervention by the U.S. in Panama and arrest of country's leader at the time, Manuel Noriega, who was then jailed on drug, racketeering and other charges.

In Panama, "the United States used military force to support what was really, for the most part, a law enforcement activity," said Kramer.

Kramer called for more collaboration on the issues raised by cyber threats.

Among the things policy makers will have to look at is whether the U.S. Security and Exchange Commission should impose a requirement on companies to disclose their cyber problems and possible solutions, which could raise the level of awareness about the threat. "I think there is a lot to be said for that," said Kramer.

Join the CSO newsletter!

Error: Please check your email address.

Tags MetroGooglesecuritygovernment

More about GoogleKramer

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Patrick Thibodeau

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts