Reverse Deception: Organized Cyber Threat Counter-Exploitation Read Online Free Page A
Author: Sean Bodmer
Tags: General, Computers, security
inflicted, and missions accomplished. 5 Military deception is only a special case of the survival value of deception displayed by all living things.
Sun Tzu, the Chinese philosopher of war, was very sensitive to the element of competency. He said, “All warfare is based on deception.” But master Sun looked beyond the value of deception in combat. He praised the general who is able to accomplish missions at low cost in lives and treasure “One hundred victories in one hundred battles is not the most skillful. Subduing the other’s military without battle is the most skillful” (from The Art of War: A New Translation by the Denma Translation Group , Shambhala Publications, Inc., Boston, 2001).
Competence at what? As deception is about behavior, this question immediately arises: What does the deceiver want the adversary to do? And what must his behavior be in order to induce that which he desires in the target or object? And beyond that behavior, what, if anything, must the deceiver do to ensure the adversary’s cooperation?
We maintain that a competent competitor is a deceptive one. Involvement in any competitive activity assumes sensitivity to the intelligence and competence of the adversary. One’s own plans must allow for surprise or unexpected adversary action, and to do so, must assume that preparations will be made for that unanticipated occurrence. Otherwise, one is left to rely on overwhelming strength and resources for success. Some leaders, generals, and coaches do try to win with overwhelming force, but the competent leaders, generals, and coaches know enough to prepare for the eventuality that the advantage of overwhelming strength may not be theirs. What then? Already competent, the competitor must resort to guile. If he is more than merely competent, he may not reserve guile for the last resort.
If the defender is morally and ethically justified in using deception to defend the network because the adversary is using deception in pursuit of his ends, who should be responsible for planning and executing defensive deception? Answer: the most competent and most creative defenders.
Any deception plan must balance potential gains against the costs and risks of failure or blowback. 6 The basic assumption of any deception operation must be that the adversary is also a competent operator, and thus has made as close a study as he could of the defenders’ behavior to support his attacks. That being so, the defenders must be aware of their own behavior to avoid tipping off the adversary. One might think of a poker player trying very hard not to fall out of his chair when he draws a fifth spade for his straight.
The potential defensive deceiver must be at least technically competent to ensure that the desired message is delivered to the adversary in a credible manner. For that, the deceiver needs to be familiar enough with the adversary to know to what the adversary is likely to react. And, ideally, the defensive deceiver is able to observe the adversary closely enough to know if the message has been received and if the adversary is believing it. The confidence with which a deception can continue is tied to how well the deceiver is able to know whether the ploy has been seen and accepted.
Clearly then, the defensive deceiver must be very knowledgeable of his own system, cleverer than the attacker, and a manager of a complex task. He must both use and generate intelligence. He needs to know and be able to call on and coordinate the efforts of organizations outside his own for information and support as his operation progresses through its life.
Life is the appropriate word. Deceptions end with success, failure, or ambiguity. Something happened, but we can’t say if the deception was responsible. With success, the operation must be closed and lessons learned. With failure, the operation must be closed, the damage limited, and lessons learned. With ambiguity, only the lessons must be learned.
But with all of
Sun Tzu, the Chinese philosopher of war, was very sensitive to the element of competency. He said, “All warfare is based on deception.” But master Sun looked beyond the value of deception in combat. He praised the general who is able to accomplish missions at low cost in lives and treasure “One hundred victories in one hundred battles is not the most skillful. Subduing the other’s military without battle is the most skillful” (from The Art of War: A New Translation by the Denma Translation Group , Shambhala Publications, Inc., Boston, 2001).
Competence at what? As deception is about behavior, this question immediately arises: What does the deceiver want the adversary to do? And what must his behavior be in order to induce that which he desires in the target or object? And beyond that behavior, what, if anything, must the deceiver do to ensure the adversary’s cooperation?
We maintain that a competent competitor is a deceptive one. Involvement in any competitive activity assumes sensitivity to the intelligence and competence of the adversary. One’s own plans must allow for surprise or unexpected adversary action, and to do so, must assume that preparations will be made for that unanticipated occurrence. Otherwise, one is left to rely on overwhelming strength and resources for success. Some leaders, generals, and coaches do try to win with overwhelming force, but the competent leaders, generals, and coaches know enough to prepare for the eventuality that the advantage of overwhelming strength may not be theirs. What then? Already competent, the competitor must resort to guile. If he is more than merely competent, he may not reserve guile for the last resort.
If the defender is morally and ethically justified in using deception to defend the network because the adversary is using deception in pursuit of his ends, who should be responsible for planning and executing defensive deception? Answer: the most competent and most creative defenders.
Any deception plan must balance potential gains against the costs and risks of failure or blowback. 6 The basic assumption of any deception operation must be that the adversary is also a competent operator, and thus has made as close a study as he could of the defenders’ behavior to support his attacks. That being so, the defenders must be aware of their own behavior to avoid tipping off the adversary. One might think of a poker player trying very hard not to fall out of his chair when he draws a fifth spade for his straight.
The potential defensive deceiver must be at least technically competent to ensure that the desired message is delivered to the adversary in a credible manner. For that, the deceiver needs to be familiar enough with the adversary to know to what the adversary is likely to react. And, ideally, the defensive deceiver is able to observe the adversary closely enough to know if the message has been received and if the adversary is believing it. The confidence with which a deception can continue is tied to how well the deceiver is able to know whether the ploy has been seen and accepted.
Clearly then, the defensive deceiver must be very knowledgeable of his own system, cleverer than the attacker, and a manager of a complex task. He must both use and generate intelligence. He needs to know and be able to call on and coordinate the efforts of organizations outside his own for information and support as his operation progresses through its life.
Life is the appropriate word. Deceptions end with success, failure, or ambiguity. Something happened, but we can’t say if the deception was responsible. With success, the operation must be closed and lessons learned. With failure, the operation must be closed, the damage limited, and lessons learned. With ambiguity, only the lessons must be learned.
But with all of
Readers choose
Lawrence Santoro
Charlotte Boyett-Compo
Steven Croft
Sir Arthur Conan Doyle
Katie Jennings
Rita Bradshaw
Rex Stout
Shaniel Watson
Dave Barry
Claire Adams