Finally seated in the crowded auditorium at Blackhat 2011, our first keynote speaker, Cofer Black, a veteran government intel mainstay, regales us with the US threat stance and endeavors, mostly in the physical arena of combat and operations. Then he relates it to the cyber arena. Referencing the U.S. Government’s highest priority threats, which used to be abbreviated: “CBRN” (Chemical, Bacteriological, Radiological, Nuclear). Now he says the priorities have changed, and are now abbreviated “KBC”, (Kinetic, Bacteriological, Cyber). He attempts to elucidate the cybercrime factor, and tries to hand the cyberwar fighting batton to the crowd of hackers he hopes to encourage, specifically citing Stuxnet as a touchstone for things to come. When hackers attempt to affect physical infrastructure, he says, they are very close to being classified as a more traditional military arena. He was also quick to point out, despite all his experience, the crowd would understand more about defending against this than his typical cohort trained in the physical combat arena. He also thought it may be more difficult to defend in some ways than physical war. He labels this new direction “code war”, and thinks that while Al Queda seems (in his mind) to be fading from prominence, this arena will be escalating. He then warns about the potential “false flag” in the cyber arena, where a surrogate group affects the nastiness, and then governments have to determine credibility, attribution, and then calculate an appropriate response – and hope they’re right.
Around midstream in the talk, right near the point about hackers affecting physical infrastructure and critical systems, the building FIRE ALARM WENT OFF, complete with announcements, sirens, flashing strobes, a minute of awkward silence by the speaker, and then a voice announcing the alarm had been investigated and resolved. But the alarm doesn’t go off, it keeps going. Eventually they get it shut off. This has to be out of a movie, right? Well, you had to be there. Elaborate ruse? I don’t Caesar’s Palace would stand for something like that. Case in point for hacking infrastructure? I’ll let the reader decide.
Regardless, what a way to kick off the conference. We’ll be blogging about the sessions throughout the conference, when we’re not ducking and running out of the building after fire alarms :)
Author Cameron Camp, We Live Security