Cyberwar: we're in it together

Cyberwar: we're in it together

Summary: Stuxnet, the first malware capable of causing physical damage, represents a strategic shift in cyberwar, something on everyone's mind at the RSA Conference on information security this year. While it's still hard to sort facts from fiction, there were calls for further cooperation between government and the private sector.

SHARE:
TOPICS: Microsoft, Security
6

Stuxnet, the first malware capable of causing physical damage, represents a strategic shift in cyberwar, something on everyone's mind at the RSA Conference on information security this year. While it's still hard to sort facts from fiction, there were calls for further cooperation between government and the private sector.

In Patch Monday this week, we give you a small taste of RSA, including comments from security guru Bruce Schneier, US Deputy Secretary of Defense William Lynn, head of US Cyber Command General Keith Alexander, and former heads of the National Security Agency and the Department of Homeland Security.

And from Microsoft's Trustworthy Computing team, director Jeff Jones explains the company's view on collective defence.

The head of its Trustworthy Computing initiative, Scott Charney, has suggested treating internet security like a public health issue — including the controversial idea of quarantining computers that don't pass basic health checks.

Yet, as Microsoft's promotional video explains, it's more subtle than just cutting bad computers off the internet.

I'm particularly interested in what you think of Microsoft's collective defence concept. To leave an audio comment for Patch Monday, Skype to stilgherrian or phone Sydney 02 8011 3733.

Running time: 35 minutes, 53 seconds

Stilgherrian attended the RSA Conference as a guest of Microsoft.

Topics: Microsoft, Security

About

Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust.

He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit trap, clear a jam in an IBM model 026 card punch and mix a mean whiskey sour.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

6 comments
Log in or register to join the discussion
  • You should ask anonymous about security. They seem to be a bit more advanced in security then those mentioned in your write up.
    http://arstechnica.com/tech-policy/news/2011/02/anonymous-to-security-firm-working-with-fbi-youve-angered-the-hive.ars
    frank0-3f91e
    • Or, you should not ask Anonymous about security because five of their number were easily identified and arrested after participating in DDoS attacks.

      http://www.zdnet.com.au/five-arrested-for-uk-ddos-attacks-339308821.htm

      I don't think you can draw overall conclusions about Anonymous as some sort of coherent "hive mind", as some members like to portray the non-organisation. Some members may be highly skilled in infosec matters. Many, perhaps most, are not.
      stilgherrian
  • "Quarateening computers that fail health test".
    OK - but Microsoft - what do you say to a user who is:
    a. using YOUR Windows'XP system at home and is quite happy with it - no "health" risk?
    b. users who are on dial-up only services and cannot download patches in any reasonable way (Telstra RIM/pair-gain victims are stuck on connections at around 35Kbits/sec!)
    We need the industry to respond and to STOP BLAMING THE USER!
    caelli
  • I appreciate the public health analogy, vaccination / virus protection. The continuation of that analogy is that if your kid doesn't have the right vaccinations they can't go to school = your computer's virus protection doesn't measure up you can't go online. Who sets those parameters? It can't just be Microsoft.

    What's happened recently in Egypt and now Libya (and many others before) shows that while access can be cut off by the Government access can still be had through TOR and other channels, how would a 'vaccination program' effect that process?
    Stacey0
  • Terabits of "intellectual capital". The hell?
    cryptw
    • These "terabits" were the amount of data supposedly leaving US government networks without authorisation. Sounds high, doesn't it. "Intellectual capital" is just a fancy word for "data", making it sound like a worse kind of theft. However my gut feeling is that WikiLeaks is just the tip of the iceberg.
      stilgherrian