What "Countermeasures" Really Means
Symbiot Security recently released news of a controversial new defensive computer security service and placed a stake in the ground of enterprise security with a white paper titled “On The Rules of Engagement [PDF].” Essentially, the rules allow victims of network-based attacks to plan and execute countermeasures – effectively fighting back. Andy Oram from the O’Reilly Network engaged the chief officers of the company in an interview about this innovative new service – and it makes for some very interesting reading.
The interview was quickly followed by Paco Nathan’s “What ‘Countermeasures’ Really Means.”
It seems that online vigilantism is more common that you might think:
One dirty little secret of information security is that corporations have been using “tiger teams” for years in order to launch highly aggressive counterstrikes against attackers. Why? Because many more corporations get attacked and extorted through computer intrusions than the popular press will ever report. The counterstrike capabilities of the U.S. Defense Department are even more advanced than corporate practices, and it is envisioned that the next large-scale military conflict will involve substantial exchanges of network-based attacks.
Perhaps it’s time to don that digital body armour?