Some experts question efforts to identify cyberattackers
IDG News Service - Efforts by the U.S. government to better identify cyberattackers will likely lead to violations of Internet users' privacy and anonymity, and technological means to attribute the source of the attacks may be inaccurate, privacy and cybersecurity experts said Thursday.
Witnesses at a U.S. House of Representatives subcommittee hearing disagreed about whether the government should explore new ways to attribute the sources of cyberattacks. Several cybersecurity experts have called for new attribution efforts, including trusted identification systems, but Robert Knake, an international affairs fellow for the Council on Foreign Relations, said oppressive governments would use new identification technologies to track their political enemies.
Proposals to label IP (Internet Protocol) packets with unique identifiers "would be far more useful for authoritarian regimes to monitor and control Internet use by their citizens than it would be in combating cyberwarfare, crime and nuisance behavior," Knake told the House Science and Technology Committee's subcommittee on technology and innovation.
For massive attacks, attribution of the attackers may not be difficult, because only a few nations have that capability, while low-level attacks don't rise to the level of national emergencies, he said. "In a lot of cases, we don't lack attribution, we lack response options," he added. "We don't know what we should do when we discover that the Chinese have hacked into Google."
Subcommittee Chairman David Wu, an Oregon Democrat, asked witnesses whether new ways to identify the source of cyberattacks would deter some attacks. In other types of conflicts the U.S. has faced, knowing the identity of potential attackers has kept both sides from aggression, he said.
Knake questioned whether the same would hold true for cyberattacks.
The Cold War theory of mutually assured destruction in nuclear attacks between the U.S. and the old Soviet Union is "unpersuasive" in a cybersecurity context because the U.S. is far more dependent on the Internet than many potential attackers, he said. The U.S. would have to respond with physical attacks to do the same amount of damage as the attacking nation did to it, he added.
Knake suggested that the U.S. government should focus more on preventing damage and protecting its systems than on attributing the source of attacks. But Ed Giorgio, president of cybersecurity vendor Ponte Technologies, called for new protocols that would identify users on sensitive networks. On less-sensitive parts of the Internet, people should have tokens, issued by a trusted third party, that establish their identity or tokens that give them anonymity, he said.
Attack attribution, while not effective today, is an "essential part" of the U.S. government's emergency response capabilities, Giorgio said.
"My comments are not focused on promoting what the ideal balance between privacy and security should be, but rather a challenge to those embracing the utopian view that both may be simultaneously within our grasp," he added.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts