The following lines constitute a subjective summary and/or collection of thoughts triggered by the keynote that Mr. Bruce Schneier offered at Black Hat Europe 2011. The title of the keynote was cyberwar. An exciting word that nowadays reaches TV channels, radios and newspapers around the globe.
- At war, it is always important to know who is at war and why. In the cyber world, these two w-questions usually have no answer.
- The word war is paradoxical: In real wars, media try to avoid the word. However, media use often the word war in a rhetorical manner (the war on terror, the war against poverty, etc.).
- The Internet kill switch idea opens a new threat vector i.e. what about that switch falling into wrong hands?
- Regarding targeted attacks, if a company or individual is targeted, it will eventually be compromised. No doubt. It is only a matter of time and effort.
- Even though international treaties are sometimes of doubtful effectiveness, they could bring good to the cyberspace.
- In a nutshell, the current attacks in Internet increasingly show war-related tactics, strategies and methods. Therefore the hype of the word cyberwar.
Some additional thoughts:
- Skype is not eavesdropping-friendly.
- Commercial companies deal with risk only up to the value of their business. This is the reason why States need to bear residual risks if they can affect citizens (e.g. risk born by critical infrastructures).
- Human beings fear human attackers the most, then animal attackers and finally natural threats.
- Human beings fear invisible threats much more than those visible ones (personal note: this can be the reason why nuclear energy is so much feared).
And finally, a title... "dishonest minorities", his forthcoming book!
The video of the keynote is available at Black Hat Archives Site (not always available) and also in youtube.
Happy viewing!