Cyber analogies vs cyber realities

Encrypt Thyself — Attacks and Consequences

From Slashdot:     new NSA Director Mike Rogers emphasized a need to establish behavioral norms for cyber war. “We’re still trying to work our way through distinguishing the difference between criminal hacking and an act of war,

He’s right.  Too many of the articles I read about cybersecurity throw everything together: defacing web sites, spam, phishing, as well as potentially disabling attacks on infrastructure are all seen as “cyberconflict” or “cyberattack”.  The language then leads to comparisons to war, Pearl Harbor, the Battle of Britain or nuclear deterrence.   So, below,  I’ve tried to categorize various kinds of intrusions in various sectors.  To me, this is the first step towards defining a better strategy which, like the Seattle Seahawks in last year’s Superbowl, relies on defense more than offense.

Normal Civilian Users Companies  Finance Civil Infrastructure .mil & .gov And the Antidote please:
Spying Unnoticed, could lead to other systems Loss of intellectual property Potential  information leading to crime Identify vulnerabilities for  future use Identify vulnerabilities to gain an advantage End-to-end encryption
Vandalism & defacing Inconvenient Inconvenient, temporary loss of business Temporary disruption, possible criminal profit. Relatively inconsequential Locked down code
Alter data Few consequences Potential business problems until rectified Criminal  advantage Potential  future failures Could mislead adversary Intrusion detection & BACKUPS
Install Sleeper Probes (Logic bombs) Unnoticed No particular use, unless blackmail. Future use could  disrupt or provide criminal advantage — Blackmail? Available in case of war Fifth column Tracking changes
Physical destruction by cyber intrusion Minor losses Limited loss of business Widespread loss of business Potential act of war Potential act of war All of the above — plus physical security