RSA wrap-up: A view from the cyber trenches

RSA's annual security conference highlighted an escalation of online hostilities, but it’s still not cyber war, federal officials said.

There's always a certain amount of dissonance at computer security trade shows as industry vendors point out what a dangerous and risky place cyberspace is while in the next breath saying that buying their particular shrink-wrapped security blanket is the most sensible response to such lawlessness.

The RSA Conference that wrapped up a week ago in San Francisco had its fair share of product hawking. Especially hot areas included ways to lock down mobile devices and — to a mind-numbing degree, according to some observers — cloud computing.

However, many participants were puzzled when some high-ranking government officials and security experts expressed views that seemed at odds with news headlines.

In the past year, computer hacking seems to have escalated to more serious levels, helping to make cyber war a popular topic throughout the RSA 2011 program, reports William Jackson in Federal Computer Week’s sister publication Government Computer News.

The Google server break-in last winter, allegedly by Chinese hackers, was just the tip of an iceberg of sophisticated intrusions into dozens of U.S. and international companies, including many defense firms. Then the highly targeted Stuxnet software virus — author unknown, but the United States and Israel are top suspects — turned hundreds of centrifuges in Iran’s nuclear program into scrap, demonstrating that power grid and other industrial infrastructure vulnerabilities are more than just theoretical. And later, there was the wake-up call of WikiLeaks publicly posting thousands of sensitive and secret State Department documents.

Those incidents are a cause for concern, but White House cybersecurity czar Howard Schmidt said during an RSA panel discussion that people need to calm down and quit labeling such incidents acts of cyber war, reports Michael Hickins on the Wall Street Journal’s “Digits” blog.

Schmidt emphasized that resolving online criminal acts such as identity theft should be treated differently than from protecting the electricity grid from sabotage by foreign powers or online espionage, but warlike rhetoric could threaten the United States’ ability to deal with any of those issues effectively, Hickins wrote.

Bruce Schneier, chief security technology officer at BT Global Services, speaking on the same panel with Schmidt, agreed that the term “cyber war” is used too liberally and partly blamed vendors that ratchet up such talk for their own economic benefit.

Semantics and profits aside, few doubt that there has been a steady escalation in the seriousness and nastiness of cyberspace skirmishing. Moreover, it appears both sides in those conflicts often use many of the same tools and tactics. Much of this happens out of public view, but not always.

For example, executives from cybersecurity firm HBGary Federal canceled their RSA exhibit hall booth and conference appearances after what they said were threats of violence from a hacker group they have been tussling with named Anonymous, writes Andy Greenberg at Forbes.com. Anonymous recently launched Web attacks in support of WikiLeaks.

HBGary Federal CEO Aaron Barr had planned a presentation in San Francisco on his efforts to penetrate and identify members of Anonymous, so the hacker group retaliated by stealing and releasing tens of thousands of the company’s e-mail messages two weeks ago.

The released records include details of the firm’s proposals to conduct shady operations on behalf of potential clients, including cyberattacks, misinformation campaigns and online intimidation of opponents. Nate Anderson of Ars Technica constructed a timeline and narrative of the documents.