The Element of Surprise

Early June, sixty-seven years ago, a battle was fought that ultimately determined the course of modern history.  After studying World War II, a sad fact emerges:  the lack of radar meant terrible losses.  Weather could be used to hide, and surprise was the ultimate advantage.

Today, it appears that we have some bold adversaries that remember surprise is the key to “victory”.  Yet, what surprise can exist in a world today where satellites photograph and index every square inch of earth – continuously?  A world where people with smart phones can instantly communicate with millions of people?  Is surprise even possible?

Our greatest strength in the United States is that we are an immigrant nation – of all nationalities and religions.  We happily take the smartest, most driven people from all over the world.  It makes our nation stronger and more prosperous.  We also believe that trading relationships help mute global aggression.  After all, why would a country attack the United States if their economy has a dependency on it?

I knew that when Lockheed Martin was hacked that we will never (nor should) learn all of the details. It must have been sophisticated and intentionally destructive given an A1 headline in the Wall Street Journal. Enough details are public now to know that “hackers” were able to exploit RSA‘s SecurID tokens.  Why is this so important? Well, these tokens are the de facto standard of authentication for companies.  The formula is simple:  as a company, if you need to prove you have secure and valid access to your system, then SecurID is it.  If a company has not chosen SecurID as the method for authentication, then it appears to auditors that it is not serious about security (which results in the purchase of SecurID tokens).  Being able to crack this method of authentication – insuring you are who you say you are – is (or was) the top prize of “hacking”.  But this is not hacking.  “Hackers” know what lands you in Guantanamo Bay, and this is it.

I’ll state this another way.  The parties responsible for the RSA intrusion can now infiltrate all sectors of our economy: defense contractors, finance, energy, government, transportation.  Why? Because they can now bypass SecurID. RSA is offering to replace all tokens.  Only parties safely backed by a government would be so brazen.  The U.S. government recognizes this, and has stated that we have the right to retaliate with explosives.  Does this now sound like it was simply “hackers”?

Now, for some speculation.  As someone in the technology business, there is a second route into the heart of our country.  It is well noted that the American “consumers” base all decisions on price.  For technology purchases, it is common to buy products designed and manufactured by foreign companies.  If I were chartered with putting a back door into a television, smart phone, computer, WiFi router, or refrigerator (to name a few), I would simply ship the system with software bugs, assuming ignorance of the matter. The difference here is that I would already have alternate code ready for use.  Imagine your television (or any smart device) becoming a foothold within our borders, controlled by a foreign government.  Multiply that by millions, if not billions, of devices and you start to get the picture.  Guess what?  It’s all by surprise, and this is the new battlefield.

References:


Leave a Reply

Your email address will not be published. Required fields are marked *