This panel of top industry and government experts focuses on how advanced persistent threats have evolved, what the implications are for business leaders, government officials, and our society, and approaches used to address this growing challenge.
Aired on February 8, 2011
Expert Reactions: Ron Ritchey, Principal
Investment is a key component of an APT strategy. Dr. Ghosh rightly points out that we’ve already spent significant resources in R&D trying to develop approaches to increase cyber security. What are missing are incentives to move promising research into common usage. A great example of this is in software testing. Our academic centers have created novel methods to detect software flaws that go far beyond industry practice but very few organizations take advantage of them. Most organizations don’t even approach function coverage (testing that makes sure that every function in the program gets executed at least once). To learn more about the state of academic research in software testing see “Introduction to Software Testing” by Offutt/Ammann.
Better application of testing techniques would have a direct impact on the amount of vulnerabilities that APTs can leverage in their attacks. Unfortunately, there is often little economic incentive to apply these techniques. There’s a great book on this by Dave Rice titled “Geekonomics: The Real Cost of Insecure Software”. In it he makes a strong case that the incentives within the software industry are broken and are directly contributing to the sad state of software security. Fixing this will not be easy but is essential if we are going to find the resources and will to apply more advanced techniques to the challenge of defending against advanced adversaries.
Expert Reactions: Ed Kanerva, Vice President
For the most part, APTs that are going after what Mr. Clinton calls ‘vacuum attacks’ are organized. They do their homework first, decide on the target, determine the approach vectors of attack and then unleash. Depending on the target of the attack, they can be elegant in their approach; i.e. quiet, stealthy and unobtrusive, or a little less so in taking the risk of being detected to get what they are looking for. Nonetheless, the APT end game is the same. Penetrate the target, exfiltrate the information, maintain a backdoor in/out if required, and move on. Motives for the attacks can be many, and we have figured out over time what these adversaries are doing to the US and the economy. I recall reading an article translated from the People’s Liberation Daily (a Chinese Military periodical) from the mid-80’s that has stuck with me over the years. I paraphrase a key point here . . . an Adversary wishing to destroy the United States only has to affect the computer systems of its banks by high tech means. This would disrupt and destroy the U.S. economy.
| Page 1 2 3 All | Next > |
Search for job openings and post your resume.
Applicants selected may be subject to a security investigation and must meet eligibility requirements for access to classified information.
