Tuesday, December 28, 2010

Late night thoughts

  • We're in an OE we created and don't control.

  • Cyber is the new Urban and the adversary is the insurgent.

  • The adversary looks like the populace, sounds like them, lives in their midst, and hides his activities among the normal and legitimate activities of the populace.

  • Regular tactics don't work against irregular adversaries.

  • Know your doctrine, study the adversary's.

  • If someone punches you in the face, you're in a fight.

  • If you stand still you will continue getting punched in the face.

  • Espionage is a peacetime effort to us. To them, it's used as an opening salvo to position the pieces to control the center.

  • There is a lot of room for deception in the modern computing environment.

  • A mix of unorthodox and orthodox strategies is the only way to succeed.

  • Know and understand the needs, capabilities, tactics, tools and methodologies of the adversary. This is asymmetry.

  • Predictive capability can only come from studying history, yours and theirs.

  • The use of malware, viruses, worms and other destructive software is encouraged, and condoned. This is killing with a borrowed knife.

  • If I was in a different country, I would be expected to use my computer as a weapon.

  • The siegfried line was overrun through cunning and persistence.

  • The maginot line was flanked.

  • A hardened structure can only protect you from that which it is hardened against.

  • Siege warfare mentality no longer applies, yet it is practiced.

  • A stationary target will always succumb to cunning and persistence, if it remains stationary.

  • Counter offensives launched from stationary positions will hardly be effective.

  • You must move as quickly as the adversary.

  • Your culture has shaped your entire life. Study a different culture and adapt.

  • When a country only wants to buy two of your products, it's so they can reverse engineer and copy them. Russia learned this the hard way.

  • The farewell dossier event occured nearly 30 years ago.

  • Master your own perception before manipulating the adversary's.

  • If the adversary is hungry. He can be easily manipulated.

  • Learn to build snowmobiles.

  • The world is non-linear. Think in conceptual spirals.

  • True intelligence is the result of synthesis.

  • Once a target, always a target. Once a target, always a victim. Once a victim, always a victim.


Keydet89 said...

Some good points here, HF...

I think that it might be useful to point out that there's an economic driver (no pun intended) behind a lot of what you're referring to. Given this, there's an unmatched motivator (we're apparently not all that interested in preventing or detecting compromises/breaches...) and the playing field is far from level.

"sigfried"...should probably be this.

Consider also that the adversary is practicing maneuver warfare...moving fast, using the terrain and eco-system better than the owners, and bypassing strong points. In many instances, the victim organizations haven't yet graduated to the phalanx tactics of the Roman legions, and are compromised, pillaged, and left before they ever knew the enemy was in their camp. Just look at the reports, particularly those that refer to PCI and other data breaches.

In many ways, we're facing the adversary on terrain of their choosing (our own infrastructures, which they know better than we do...), at a time of their choosing, and in a manner of their choosing...