2008-07-03

Differentiating CNA and CNE

The sometimes-subtle difference between espionage and attack in the electronic or digital realm is often completely glazed over in the media. This, I feel, is confusing two very different objectives of adversaries. Without such a distinction, it becomes hard to defend computers, networks, and data, as each requires a very different approach to detection and prevention. As Zach in Rage Against The Machine would tell you, "know your enemy." One must fully understand who is attempting to do what in order to properly align defenses.

This issue has annoyed me for a long time, and I've found it somewhat hard to articulate the significance of this delineation. Finally, it seems, someone is getting the word out - and in a way that's easy to understand. In a hearing before congress on May 20th of this year, Col. McAlum, director of JTF-GNO, stated the following:

I would also point out on this slide that it's really important to get the lexicon right. In the open source media and other forums, you hear the term "cyber attack" used rather liberally, and you won't hear anyone in the Department of Defense use that term in the context of cyber reconnaissance or network intrusions. What we are seeing today are network intrusions.

Some people might classify that as a form of cyber espionage. I would not have a problem with that characterization, but the terms "attack" and "intrusion" are very different and the differences are significant in many cases. So, for example, someone breaking on to an Air Force base with a camera and a backpack is a serious event, very serious, and is going to get the security forces and a lot of leadership's attention.

However, that's much different than someone breaking into an Air Force base with a satchel charge ready to plant it somewhere and blow something up. Those are sort of the nuanced differences that I think the lexicon discussion has to take into account.


This is one of many very interesting comments on this hearing, titled "CHINA’S PROLIFERATION PRACTICES, AND THE DEVELOPMENT OF ITS CYBER AND
SPACE WARFARE CAPABILITIES." If you take an interest in all the recent press about these topics, you will find this a very good read.

No comments: