By Patrick Thibodeau
February 2, 2010
ARLINGTON, Va. -- Google's revelation last month that attacks out of
China resulted in the theft of some of its data drew attention to the
broader question at the Black Hat conference here over what can be done
to the villains.
Cyberattacks give rise to anger and a very human desire to strike back,
but pursuing attackers in ways that matter isn't accomplishing much. The
number of people who are arrested and convicted for any of the phishing
attacks, intrusions and thefts is tiny.
Several countries, Russia and China in particular, don't want to
cooperate on cybersecurity enforcement, said Andrew Fried, a security
researcher at the Internet Systems Consortium, a nonprofit group, and a
former special agent at the U.S. Treasury Department. "The reality is
they don't want to do squat to help anybody," he said, on a panel at the
cybersecurity conference today.
After an attack, such as the China-Google incident, there's always
interest in establishing "attribution" - identifying the source of the
attack. But Jeff Moss, the founder of Black Hat and director of the
conference, questioned whether too much emphasis is placed on that
effort. Moss also serves on the Department of Homeland Security's
security advisory council.
"We should be spending more energy on dealing with the containment of an
attack, reducing the effects of an attack," Moss said. "I don't think we
will ever be able to stop the attack."
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News