RSA wrap-up: A view from the cyber trenches

There's always a certain amount of dissonance at computer security trade shows as industry vendors point out what a dangerous and risky place cyberspace is while in the next breath saying that buying their particular shrink-wrapped security blanket is the most sensible response to such lawlessness.

The RSA Conference that wrapped up a week ago in San Francisco had its fair share of product hawking. Especially hot areas included ways to lock down mobile devices and — to a mind-numbing degree, according to some observers — cloud computing.

However, many participants were puzzled when some high-ranking government officials and security experts expressed views that seemed at odds with news headlines.

In the past year, computer hacking seems to have escalated to more serious levels, helping to make cyber war a popular topic throughout the RSA 2011 program, reports William Jackson in Federal Computer Week’s sister publication Government Computer News.

The Google server break-in last winter, allegedly by Chinese hackers, was just the tip of an iceberg of sophisticated intrusions into dozens of U.S. and international companies, including many defense firms. Then the highly targeted Stuxnet software virus — author unknown, but the United States and Israel are top suspects — turned hundreds of centrifuges in Iran’s nuclear program into scrap, demonstrating that power grid and other industrial infrastructure vulnerabilities are more than just theoretical. And later, there was the wake-up call of WikiLeaks publicly posting thousands of sensitive and secret State Department documents.

Those incidents are a cause for concern, but White House cybersecurity czar Howard Schmidt said during an RSA panel discussion that people need to calm down and quit labeling such incidents acts of cyber war, reports Michael Hickins on the Wall Street Journal’s “Digits” blog.

Schmidt emphasized that resolving online criminal acts such as identity theft should be treated differently than from protecting the electricity grid from sabotage by foreign powers or online espionage, but warlike rhetoric could threaten the United States’ ability to deal with any of those issues effectively, Hickins wrote.

Bruce Schneier, chief security technology officer at BT Global Services, speaking on the same panel with Schmidt, agreed that the term “cyber war” is used too liberally and partly blamed vendors that ratchet up such talk for their own economic benefit.

Semantics and profits aside, few doubt that there has been a steady escalation in the seriousness and nastiness of cyberspace skirmishing. Moreover, it appears both sides in those conflicts often use many of the same tools and tactics. Much of this happens out of public view, but not always.

For example, executives from cybersecurity firm HBGary Federal canceled their RSA exhibit hall booth and conference appearances after what they said were threats of violence from a hacker group they have been tussling with named Anonymous, writes Andy Greenberg at Anonymous recently launched Web attacks in support of WikiLeaks.

HBGary Federal CEO Aaron Barr had planned a presentation in San Francisco on his efforts to penetrate and identify members of Anonymous, so the hacker group retaliated by stealing and releasing tens of thousands of the company’s e-mail messages two weeks ago.

The released records include details of the firm’s proposals to conduct shady operations on behalf of potential clients, including cyberattacks, misinformation campaigns and online intimidation of opponents. Nate Anderson of Ars Technica constructed a timeline and narrative of the documents.

About the Author

John Zyskowski is a senior editor of Federal Computer Week. Follow him on Twitter: @ZyskowskiWriter.


  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.