I've never seen anything at all to make me think that the US is even a major player in the cyber warfare spectrum. Maybe top 10, but top 5? I'm not inclined to think so. <br><br>Dave makes a good point regarding the number of participants at foreign infosec conferences, but I'm not sure that's a good metric. There's no doubt BH/Defcon are flooded with Feds but those conferences aren't about cyber warfare. Hacking, exploitation, etc are all parts of cyber warfare but it's a much larger topic and one that I've never seen the government discuss in any detail in open channels.
<br><br><div><span class="gmail_quote">On 6/24/07, <b class="gmail_sendername">mOses</b> <<a href="mailto:trklisted@networksamurai.org">trklisted@networksamurai.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
The question is weather that is as scary as this:<br><br><a href="http://www.boston.com/news/nation/articles/2007/06/04/3_plead_guilty_in_tech_export_case/">http://www.boston.com/news/nation/articles/2007/06/04/3_plead_guilty_in_tech_export_case/
</a><br><br>Chi Mak who in 2005 was arrested for espionage. He was allegedly sending<br>documents from his job as a defense contractor over to china. The CD's<br>that where found contained propulsion systems for a new submarine and
<br>lot more juicy things you can imagine.<br><br>I wonder how much far forward the Chinese got because of this person and<br>people like him.....<br><br><br>Dave Aitel wrote:<br>><br>> Right now we're in the midst of some sort of weird publicity push from
<br>> the US Military regarding cyberwar, which started before the Estonians<br>> got DDoSed last week. Most of the articles point out how China is<br>> beefing up their forces with frankly inane titles such as "China
<br>> Cyberware Alert!":<br>><br>> <a href="http://edition.cnn.com/2007/TECH/internet/06/13/china.cyberspace.reut/index.html">http://edition.cnn.com/2007/TECH/internet/06/13/china.cyberspace.reut/index.html</a>
<br>> <a href="http://www.defensetech.org/archives/003548.html">http://www.defensetech.org/archives/003548.html</a><br>> There's a NYT article today too, but they make it impossible to link<br>> to them.<br>>
<br>> In March, Stratfor had an article about it as well:<br>> <a href="http://www.stratfor.com/products/premium/read_article.php?id=286304">http://www.stratfor.com/products/premium/read_article.php?id=286304</a><br>
> They concluded:<br>> """<br>> Ultimately, much about cyberwarfare efforts will remain classified.<br>> Cartwright's comments are more illustrative of a military that is<br>> accustomed to dominating the battle space preparing for a new
<br>> offensive in cyberspace. STRATCOM's staff judge advocate -- the<br>> command's legal representative -- likely has advised Cartwright that<br>> his efforts to bring offensive cyberwarfare measures to bear have
<br>> reached the point at which they require congressional oversight and<br>> approval -- the only real motivation for Cartwright to share his<br>> command's efforts with the public.<br>> """
<br>><br>> If you listen to John Arquilla, of the Naval Postgraduate school, he<br>> also mentions China first as the leading integrator of cyberwarfare<br>> into their overall strategy [1]. Oddly he believes there's only a few
<br>> dozen master hackers in the world, a number I think is far too small,<br>> but perhaps we have different definitions or just a different circle<br>> of friends. His estimate is that half of the master hackers are
<br>> American, a number I would say is irrelevant. You can't judge the<br>> length of a sword by the sharpness of the point.<br>><br>> My opinion is that any cyberwar waged against the United States would
<br>> be one-sided. As Admiral Yamamoto learned the hard way[2], one of the<br>> US Military's defining characteristics is extensive propaganda efforts<br>> to get the opponent to underestimate them. But as a somewhat useful
<br>> metric, you can fit the attendees of all the non-US information<br>> security conferences each month into any one US conference.<br>><br>> -dave<br>><br>> [1] <a href="http://www.worldpoliticsreview.com/podcast.aspx?id=30">
http://www.worldpoliticsreview.com/podcast.aspx?id=30</a> - I started<br>> listening to this sure he would be full of it, but it's really quite<br>> good.<br>> [2] <a href="http://en.wikipedia.org/wiki/Isoroku_Yamamoto">
http://en.wikipedia.org/wiki/Isoroku_Yamamoto</a> and<br>> <a href="http://en.wikipedia.org/wiki/Isoroku_Yamamoto%27s_sleeping_giant_quote">http://en.wikipedia.org/wiki/Isoroku_Yamamoto%27s_sleeping_giant_quote</a><br>
> <<a href="http://en.wikipedia.org/wiki/Isoroku_Yamamoto%27s_sleeping_giant_quote">http://en.wikipedia.org/wiki/Isoroku_Yamamoto%27s_sleeping_giant_quote</a>><br>> ------------------------------------------------------------------------
<br>><br>> _______________________________________________<br>> Dailydave mailing list<br>> <a href="mailto:Dailydave@lists.immunitysec.com">Dailydave@lists.immunitysec.com</a><br>> <a href="http://lists.immunitysec.com/mailman/listinfo/dailydave">
http://lists.immunitysec.com/mailman/listinfo/dailydave</a><br>><br><br>_______________________________________________<br>Dailydave mailing list<br><a href="mailto:Dailydave@lists.immunitysec.com">Dailydave@lists.immunitysec.com
</a><br><a href="http://lists.immunitysec.com/mailman/listinfo/dailydave">http://lists.immunitysec.com/mailman/listinfo/dailydave</a><br></blockquote></div><br><br clear="all"><br>-- <br>Matthew Wollenweber<br><a href="mailto:mwollenweber@gmail.com">
mwollenweber@gmail.com</a> | <a href="mailto:mjw@cyberwart.com">mjw@cyberwart.com</a><br><a href="http://www.cyberwart.com">www.cyberwart.com</a>