|
> The NSA isn't interested in defensive work these days. Hasn't "a great offense is always the best defense" always been the name of the game? We've gone from fists, to stick and rocks, to spears, to swords, to Greek Fire, to gunpowder, to nuclear weapons. Why not now be the ones to own the power to take down any computer or network? Great efforts in defense aren't necessarily successful or rewarded either, e.g. Reagan's "Star Wars"/SDI https://en.wikipedia.org/wiki/Strategic_Defense_Initiative which was widely criticized and failed miserably. While cyberdefense is not in the same unrealistic realm as SDI was in the 80s, the ways that most people think about security- firewall on the perimeter and/or securing each node, pen testing, patches, and locking down what can be installed/used- don't really solve the problem of having a wide attack vector. Imagine if you could shoot a single soldier out in the field and it would kill his/her whole battalion, the base in which he/she was stationed, and perhaps destroy or weaken the entire army or even armed forces to which he/she belonged? That is the situation now. Playing ultimate defense requires much more isolation. We shouldn't be on the same network, we shouldn't always be connected, and we should really limit how the outside world can affect each node. That isn't often the case with the networks we have currently. |
There's no cyberattack equivalent of that - it's not like bricking a few $1000 PCs would disable foreign cyberattack capabilities.