The findings and conclusions of malware “analysis” are not in fact analysis; they are, however, a collection of data points linked together by assumptions whose validity and credibility have not been evaluated. This lack of analytic methodology could prove exceedingly problematic for those charged with making decisions about cyber security.
The leak that the U.S. was apparently behind the Stuxnet worm that impacted the Nataz nuclear enrichment facility in Iran came – as it always does – with a rash of analysis and opinion related to the hazards associated with “sophisticated” malware and “cyber weapons.” But it is a reliance
“The hacker group Anonymous on Monday crashed the websites of two trade associations that support a House cybersecurity bill. “ (Source: Hackers strike over cybersecurity bill – The Hill’s Hillicon Valley.)
In the finger-pointing-fest after 9/11, the US Intelligence Community was blamed for failing to “connect the dots.” As incomplete a description of the intelligence analysis process as that may be, it brought to the fore a point that many of us in the business had been complaining about for years:
Money quote from the Author’s Note: The unavoidable conclusion is that the U.S. government cannot continue to allow a collecting agency to make unilateral originator control determinations regarding the intelligence it collects. … I hope to explain why they are not in position to make the best “need to know”
I used to wax and wane about the need to purge national security functionaries, but I’ve stopped waning, as my latest commentary at ThreatsWatch indicates.
(cross-posted at Haft of the Spear) I don’t get Insight Magazine so I don’t know the full story that goes along with this teaser: The U.S. intelligence community has assessed that Osama bin Laden has benefited from a secure haven in Pakistan that allows him to plan a major attack
(Cross posted to Haft of the Spear) I engaged in several conversations about cyber threats this past week and each conversant repeated with certainty a lack of concern over a relationship between terrorists and mobsters in the virtual world. I’d like to think that an unholy alliance of that sort
Love those tart cherries . . . As predicted, it turns out that the recently leaked NIE isn’t exactly the scathing indictment of current war/counterterrorism efforts as certain elements would have you believe. In fact just a few snippets of the rest of the story paint a much more interesting
Cross posted at Haft of the Spear As incoming Defense Secretary Robert M. Gates plots a fresh path through Iraq, he is also expected to chart a different course for Pentagon intelligence programs, rolling back some of Donald H. Rumsfeld’s aggressive expansion of intelligence operations that rankled agencies such as