Not All ‘Cybers’ Are Created Equally

By Marcus Ranum, Tenable CSO

What do these four terms have in common?

Cyberwar, Cybercrime, Cyberespionage, and Cyberterror.

  • They all start with the word ‘Cyber’
  • They’re all bad stuff
  • And they’re all consistently confused with each other, despite significant differences (and sometimes conflicts) between them

    Many people already know my position on ‘Cyberwar’ but things have changed significantly over the past four years in IT and physical security, technology, the government, and the military. The actual ‘Cyber’ landscape is much more nuanced than many seem to realize, which has created an unnecessary public perception of extreme vulnerability (which can lead to fear, which can be dangerous).

    The people that are fully invested and overly concerned about ‘Cyberwar’ need a deeper understanding of the logistical problems that might make fighting a ‘Cyber’ conflict less than practical. We need to be asking more questions about the motive for different types of attacks.  Are they ‘state sponsored terrorism,’ are they a ‘war crime’ or what?  

    And the real question that has me scratching my head; Why are our government(s) investing so much taxpayer money preparing to conduct offensive ‘Cyber’ operations when its technologically and militarily impractical?

    I’ll be leading a discussion on this topic TODAY at RSA (February 29 at 8:00 a.m. - ID: HT1-201). Drink your coffee (or your 5-Hour Energy) and come prepared for a discussion.