“We should be very careful in using non-military language. You’re not a cyberwarrior, you’re not on the cyber kill chain, you’re not dropping digital bombs–you’re protecting civil society.” – Jeff Moss, OODA Network Member, Def Con Founder, and CISA Advisory Committee Member
Back in December, we provided coverage and analysis of the first meeting of the Cybersecurity & Infrastructure Security Administration (CISA) Advisory Committee. We noted then that CISA Director Jen Easterly and Def Con Founder Jeff Moss (a CISA Advisory Committee Member) at the meeting were less concerned with collaboration with the business community and, instead, prioritized messaging and outreach to the hacker and research community.
The Record reported that “the director cited her attendance [at Black Hat] as part of an effort to ‘ignite’ the hacker community and noted the inclusion of Jeff Moss, the founder of that conference and DEF CON who is also known by the handle Dark Tangent, in the committee.” Jeff Moss is also an OODA Network Member.
The Russian Invasion of Ukraine has now changed everything in this calculus of how best to “ignite” and perform outreach to the hacker and research community. Ostensibly, Vladamir Putin has done their work for them. Hours ago, Global Hacktivist Anonymous began to wage war on Russia.
This activity by Anonymous may prove a tipping point in CISA messaging and outreach efforts to the U.S-based hacker community. It is to be seen how this will impact U.S.-based hacker activity directed at Russia – and formal collaboration by U.S. hackers with the Intelligence Community and the U.S. Military.
With '#Anonymous' ramping up efforts against Russia, we can witness some big news pieces in the cyber domain. They have already brought down many websites including the Russian state media website RT repeatedly. pic.twitter.com/teugIynz7c
— Divyanshu Jindal (@JindalDiv) February 25, 2022
— Michael Gogel (@mgogel) February 24, 2022
Crisis Equals Opportunity: Closer Collaboration between U.S. Hackers, the Intelligence Community and Military Operations
At the time of the CISA Advisory Committee Meeting, Def Con Founder Jeff Moss’ offered this perspective on how best to reach out to the hacker community based on years of a leadership role in the white hat hacker community:
“During the meeting, Moss said the government needed to do a better job providing on-ramps for altruistic hackers who want to help contribute to global safety. But he also cautioned that there’s a lot of resistance within that community to being associated with the U.S. military or intelligence operations, so the group should be thoughtful in their outreach, he said.
“We should be very careful in using non-military language. You’re not a cyberwarrior, you’re not on the cyber kill chain, you’re not dropping digital bombs–you’re protecting civil society”, he said. “Many hackers still would be unlikely to trust CISA as an institution, but over time the agency could build its reputation by bringing in individuals who already have the trust of that community,’ Moss said.” (2)
We have suggested that the American high-tech industry could be a powerful, legal force in response to the growing number of cyber incidents by non-state actors on U.S. Critical Infrastructure. It is unclear what leverage legal actions create for the U.S. in response to Russian aggression. It is safe to assume that there is a global, corporate legal gestalt in motion at this very moment against Russia allied to the U.S. and NATO sanction regimes.
But, if Easterly and Moss can continue to leverage the respect and credibility they have in the hacker community, that would open a new offensive and defensive front against cyber threats that would, arguably, be as powerful and sophisticated as anything the business community can muster through cyber law activities and global sanctions activities. To a certain extent, the efforts of corporate IT and white-hat hacker activities are so apples and oranges, the real potential exists for both communities to run parallel collaboration efforts with CISA to stem the ferocious tide of cyber threats directed at U.S. critical infrastructure and the wage a coordinated response to Russia.
The risk right now is that cyber war activities by Anonymous have emboldened U.S-based hackers in a way that makes them feel like part of the global hacker community in resistance to Russia and Putin, making them less likely to formally engage the efforts by CISA, other government agencies, and the U.S. military in their cyber responses in defense of Ukraine and offensive cyber activities directed at Russia – and to formulate a massive response to Putin’s cyber capabilities.
Black Swans and Gray Rhinos
Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis
Explore OODA Research and Analysis
Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop
The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence
We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech
Security and Resiliency
Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency
The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community