Henry said that smarter analysis of a company's network logs could help provide the necessary groundwork for such strategies, and he advocated legal changes to establish methods or even responsibilities for data sharing between private companies and government on attacks and threats. Today, companies that are attacked don't typically share data that could help others avoid the same fate, he said. And companies often accuse government agencies of being similarly secretive.
Speaking before Henry, Jeff Moss, founder of the Black Hat conference and chief security officer of ICANN, who is also known as the Dark Tangent, said he too believed civilian computer security should be more active. "We need some white blood cells out there, companies who are willing to push the envelope and live on the edge and push the threat actors and see what happens."
Moss mentioned CrowdStrike as one example. Another, he said, is Facebook, which has pioneered the use of evidence gathered in the wake of an attack to go after the perpetrator independently of law enforcement. In January, the social networking company filed a civil lawsuit against marketing company Ascend alleging that it had used malicious website code to hide Facebook Like buttons beneath salacious photos, tricking Web users into boosting the Like count of clients.
"I'm not a government, I don't have treaties, I don't have the force of military," said Moss, "but I can hire lawyers, and they're almost as good." Moss believes that this approach could also help establish rules for retribution that cross international borders.
Some observers object to the idea of private companies taking on detective and enforcement work, saying that this should be left to agencies of government, particularly since many attacks on corporations are believed to originate with nation states. Henry argued that companies in the United States have been forced to consider this approach.
"In the cyber world