Pro+ Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
April 2013 / Volume 15 / No. 3

Cyberwar calls for software and system investment, not hacking back

In February, the security firm Mandiant Corp. confirmed, with plenty of hard evidence, what we've known for a long time: Chinese cyberespionage is staggeringly rampant. From the Aurora attacks in 2009 through the spectacular RSA token hack of 2011 to the ironically, self-described attacks on the computer systems at The New York Times in 2012, state-sponsored cyberespionage has been constant news for years. Gary McGraw Every revelation comes with a renewed beating of the cyberwar drums. Given that today's existing defenses and countermeasures have proven largely ineffective in thwarting these attacks, many otherwise sane people have discussed the idea of going on the offensive and "hacking back" by booby-trapping honeypot data or setting loose malicious software. Distressingly, this sort of cyberoffense is being repackaged -- and camouflaged -- in a clever and, ironically, "newspeak" way under the rubric "active defense." Let's get this straight up front: Active defense is irresponsible. We will never vanquish a cyberenemy by ...

Features in this issue

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

-ADS BY GOOGLE

Close