[Dailydave] What is a cyberweapon?
briansnow at comcast.net
Wed Feb 22 15:15:53 EST 2012
Not an over-simplification, but a useful clarification (indeed, the focus should be on the agent with intent within a "system-with-intent") .
Example, which is the better characterisation:
"Officer shoots felon in bank robbery attempt" or
"Felon in bank robbery attempt shot by gun held by officer."
----- Original Message -----
From: "Daniel J Gieseman [ITRNS]" <dgiesema at iastate.edu>
To: dailydave at lists.immunityinc.com
Sent: Thursday, February 16, 2012 4:40:27 PM
Subject: [Dailydave] What is a cyberweapon?
My take on what Dave is saying is that things like reliable exploits, malicious scripts, etc are not cyber weapons per se, not any more than a bullet is a weapon. It is only when the bullet becomes part of a "system-with-intent", does it become "weaponized".
I think I see the difference, and when you look at things from that level of abstraction, threats and how you mitigate appear differently. Example: countering the institutional actor (e.g. the "system-with-intent" in this case) will yield better degradation and denial response than merely detecting and armoring yourself from any "bullets" being fired.
However, this begs the question, what do you do when your institutional adversary is not a Swedish Server Farm, but a state actor not easily degraded?
Perhaps an over-simplification, but I couldn't resist chiming in.
Dailydave mailing list
Dailydave at lists.immunityinc.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dailydave