[iwar] Re: Why 'conventional' terrorist groups Not utilizing Cyber

From: ellisd@cs.ucsb.edu
Date: 2001-08-27 12:11:15



--- In iwar@y..., Fred Cohen <fc@a...> wrote:

[snip]

> > Non sequitur.  Does an increase in complexity lead to higher costs, an
> > increase in attribution, or likelihood of failure?
> 
> All of the above.
> 
> > Higher costs are likely to be bounded by the amount of human effort
> > required, which is a very low-order function.
> 
> Not for complex attacks.

Adding bodies follows the law of diminishing returns (Brooks, The 
Mythical Man-Month).  People may be needed to gather initial data, but 
analyzing the attack is not something that takes hundreds or even 
dozens of people.

> 
> > Attribution is only more likely as the heinousness of the attack
> > grows.  The more heinous, the more manpower will be thrown at it
> > from the victim to discern who to blame.  However, even here, the
> > law of diminishing returns plays a significant role. There is a tight
> > asymptotic upper bound for attribution given conventional methods of
> > traceback.
> 
> The more complex, the larger the infrastructure in support of it, thus
> the larger the footprint.  Most terrorist acts involve a very small
> number of individual actors - part of their operations security.

Given the fact that an attack is sinister, is it necessarily complex?  
I would suggest no.  It may exploit complexities.  It may require a 
great deal of understanding and domain knowledge, but the attack 
itself may be relatively simple.  Just because a diamond cutter has a 
high degree of domain knowledge and the diamond itself is a complex 
structure does not mean that the hammer and pick need to also be 
complex.  (Maybe this is a bad analogy, and if you think so, I am sure 
you will let me know.:)

> > > Several to many orders of magnitude more expensive for a strong IW
> > > attack than a pipe bomb.
> 
> > How did either of us come to our conclusion?
> 
> Like I said, I have studied this in some depth over an extended period
> of time using specific examples.  How did you come to your conclusions?

I admit that my historical experience is limited.  I just thought 
about what damage I personally could do and how I would do it.  
Although neither approach is complete, which would you put more 
confidence in?  An incomplete analysis of what is possible based on 
historical survey or a creative approach that simply attempts to 
answer the question "what is possible?"?  I am guessing you would 
prefer the latter.

In any case, do you agree that our differences come down to the nature 
of IW attacks?  I suggest that complexity is always a part of the 
setup but not always an attribute of the attack itself.  Am I correct 
to assume that you think complexity is always a part of the attack 
itself?

cheers,
Dan




This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:40 PDT