the new yorker on cyber security

Via the infosecnews mailing list I perused a cyber security article in the New Yorker. I wanted to draw attention to two and a half points.

First, I liked the discussion on the difference between “cyber espionage” and “cyber war.” That’s basically been my view of things, and how so many of the threats and “attacks” we’re seeing today are not new…it’s just traditional espionage moving further into the cyber plane. That’s it.

Second, it takes a few pages to sink into the topic of the desire of the NSA to peek into encrypted communication and how that compares to those groups and the public who strive to encrypt everything. This is a complicated picture. For instance, a private company is smaller scale of the same government/citizen issue. If the security teams can’t see into the traffic generated in the company, they also will lose quite a bit of intelligence in their operations. If an employee can set up an encrypted tunnel out port 80, this is still not something easily found and/or blocked my many enterprises. And it certainly is a problem to see what is being sent over that tunnel.

Lastly, I made note of the mention about how the NSA also wants to know the identity of people in these communications. A wholly new topic, really. At least this is far more trackable in an organization, than in a public nation.

By the way, read to the end for the payoff on the EP-3A recon aircraft that helps open the story.