The last 12 months have seen a clear shift in the way information security is discussed. It used to be all about cybercrime. Now, there's talk of war.
We no longer talk about "information assurance", but rather "defensive cyber operations".
At last week's AusCERT 2012 information security conference, there was still plenty of discussion about online crime. Mikko Hypponen, chief research officer at F-Secure, outlined a complex transnational criminal operation that saw goods bought fraudulently in Denmark being resold in Moscow. But Kaspersky Lab CEO Eugene Kaspersky reckons that cybercrime's golden age will end in 2014, and the consensus seems to be that we've at least got a handle on cybercrime, and know our next steps.
In this week's Patch Monday podcast, the first of two episodes covering AusCERT 2012, we hear the cyberwar-related highlights.
It's clear that nations including the US, the UK, China and France are already building and stockpiling offensive cyberweapons. Hypponen explains how we can judge the scale of American cyberweapon development by simply looking at recruitment advertising.
US Department of Defense (DoD) lawyer Richard Clarke explains cyberwar from a legal viewpoint, and tells us why he thinks the sudden-strike "cyber Pearl Harbour" or "cybergeddon" won't happen.
AusCERT general manager Graham Ingram reflects on the appeal that cyberweapons hold when compared with traditional kinetic weapons, and what it'll mean for information security to become militarised.
To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney 02 8011 3733.
Running time: 52 minutes, 16 seconds
Thanks to Risky Business for some of the audio recordings.