If you want to change the threat environment, you can also consider ways of reducing the number of attackers. Right now it's really, really, really difficult to hold attackers accountable. It's not just that they can fake their id's, it's also that they may come from or pass through other nations on their way to attack your castle. And we don't necessarily have any sort of agreements with those nations that would allow us to enforce our laws on them.
While I do think we need better international cooperation to hold attackers accountable, there's another issue at work here. How do you identify someone as an attacker in the first place? How do you trace back their identifier to the original person?
Tackling that problem is something I have reservations about, in that it's great to focus on that if you want to catch bad guys, but it also is something that can be used to oppress or suppress good people. Consider what I'd said about wanting to explore the Dark Net, and wanting VPN and whatnot before doing so. My reasoning for all of that?
I want to understand the world on a holistic level... and the darker side is part of that. Can we truly understand economics, for example, without understanding the role shadow economics plays in it? I don't know... I don't think there's any equivalent to GDP for the underground economy. There might be a few studies that explore how money gets laundered and how much of it comes back into the legitimate economy, I dunno. Maybe the underground economy isn't large enough to really impact anything, maybe our economists can make sound decisions without ever considering that side of things... But how would we know if we never even consider the possibility?
It's a bit like how some biologists really love looking into how an ecology handles decay. Would there be horrible ecological consequences if we got rid of nasty critters like mosquitoes and flies? You don't know unless you look into it. (I think I read that we could get rid of mosquitoes with little to no consequences, which would be awesome if true and doable.)
The Dark Net seems like a good place to get a better understanding of the shadows in our world, but I have some serious trepidations about going there. It's like turning over a rock, or spelunking in a cave. I'm not sure what I'll find, I'm not sure what I would do with what I'd find, that sort of thing. But... I do know that before I go spelunking in such dark caverns I'd want to do my darndest to make sure nobody there could ever trace me back to my physical address. So I want a VPN service, might try to use Tor, that sort of thing. (I haven't tried too much to maintain privacy online so far, tbh. I know a lot of computer people who flat out refuse to use Facebook any more, but I still have a lot of friends and family there and haven't completely opted out yet.)
Bringing this back to cybersecurity - any attempt to make it easier to identify people online will also make it easier for abuse to happen. Like authoritarian governments tracking down dissidents, or online mobs doxxing people they don't like.
I have reservations about making it easier to identify people online, but I also know that attribution is especially important if we're dealing with a nation/state threat level and want to deter attacks.
How could Ukraine hold Russia accountable for the 2017 Petya attacks, and prevent any future such attacks from occurring, when Russia denies involvement and calls the accusations "unfounded blanket accusations".
No comments:
Post a Comment