by trotsky 5435 days ago
I do agree that there comes a time when you have to look at the current security environment and realize that you need to enable the private sector to do more to defend themselves than appears possible currently. Relating of course to industrial espionage and the so-called "APT", not this #antisec nonsense. I don't look forward to a world where private firms are employing offensive cyber-mercenaries, but let's be honest - that is what many Chinese firms and some western firms are already doing. Something needs to change to let western businesses respond to these threats, and it's clear that the usual mantras of defense in depth and being increasingly vigilant just aren't leading us down a winning path. We may never have an infosec world where it's possible to adequately rely on defense only; perhaps it is time to move past the missile defense shields and on to MAD - much like US defense has gone.
2 comments

It is more than "what many Chinese firms" are doing; it is what the Chinese government in collusion with many Chinese firms is actively doing all the time at all levels of US infrastructure, including not only industrial espionage but also actively attempting to steal all military and other tech from every server connected to the internet. Everything stolen is then pushed back to the appropriate vendor, which includes of course whatever companies are capable of producing stolen tech. This then is produced at low cost overseas and shipped back to the American consumer, who purchases it at the expense of an American product, leading to a loss in revenues for the American company that originally designed and produced the stolen product and dozens or hundreds more unemployed Americans.

This isn't MAD, this is constant low-level warfare waged by a foreign power without any US response except for monitoring and sporadic defensive efforts. The problem with a counter-offensive, esp. one waged by proxy private sector forces, is that, first of all, the US is continually fighting the last war over and over (oh yes, let's invade Libya and set up democracy there... ), second of all even if we can plant detonation devices in Chinese infrastructure like they most certainly have littered in ours (who knows how many electric grids they could shut off at a moment's notice) this doesn't prevent their offensive efforts at all. In fact, the only thing that can prevent theft on a large scale is penalizing that theft, which certainly no current administration is capable of doing (notice the long-standing list of promises regarding IP protection that China has reneged on). So really the only solution here is to innovate much more quickly domestically (including whatever private sector partnerships are appropriate via DARPA, etc.) and to continue to develop offensive capacities (which undoubtedly exist but, given the classified nature of such, it is hard to know quite how well developed or capable they are). Undoubtedly we should also try to knock off Chinese government servers periodically as they do to ours just to be certain that we can -- and a private Blackwater might be just the ticket.

Oh yes, I used to work for the DoD.

MAD doesn't really work if you have no idea who just hit you. It's not like the Chinese couldn't gather a few proxies first...
There is a considerable amount of intelligence that continues to be gathered in the private sector about exploit authors, Chinese hacking groups, and the actors involved in ongoing intrusions. Many of these groups conduct a fair amount of discussion and training pretty out in the open, confident of their status as out of the reach of western justice. Specific techniques and code present in a pair of Adobe 0-days used this spring point very loudly back to one collective and probably one or two specific actors that talk about these techniques in public in person. There are strong rumors that the Night Dragon intrusions track back to a specific actor. I've seen private investigator reports tailing specific intruders who verify that monitored intrusions happen reliably just minutes after people they have full dossiers on show up at their office. With many intrusions it's clear that the long-term hosts are complicit in the behavior. The wall of proxies defense tends to, or at least can, fall down against determined back hacking of the client.

All of these circumstances may not be the norm, but they exist. More would exist if there were more incentives to develop this kind of intelligence. The basic problem now is OK - what do you do with that info? NSA offensive security practices are not built for or available to the private sector. However, it seems very possible that these individual actors could be dissuaded, harassed, redirected or worse given the right program.

I'm not speaking of a state vs. state MAD. Perhaps I used the wrong term. But, even though I'm not a gun fan, there must be something to the idea that your neighbors may be less likely to break into your house if everyone knows you own a gun and you live somewhere you can shoot an intruder.

Not to mention, the internet is a lot speedier than missiles; you'd need your destructive forces to detect, react and utterly destroy your target in milliseconds, otherwise they'll shut you down before you can do anything.