{"596725":{"#nid":"596725","#data":{"type":"news","title":"Georgia Tech Cyber Security Summit Declares 2017 a Turning Point for Attribution","body":[{"value":"\u003Cp\u003EIs the ability to identify a cyber attacker good and getting better?\u0026nbsp;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EAt the Georgia Institute of Technology on Wednesday, \u003Ca href=\u0022https:\/\/www.steptoe.com\/professionals-Stewart_Baker.html\u0022 target=\u0022_blank\u0022\u003E\u003Cstrong\u003EStewart A. Baker\u003C\/strong\u003E\u003C\/a\u003E, the first assistant secretary for policy at the U.S. Department of Homeland Security, proposed that 2017 might just be a transformational moment in the quest for better cyber attribution (identifying the source).\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;We are entering a golden age of attribution where perpetrators are increasingly being called out with reasonable certainty; but while the brave have gotten a lot of press out of it, will they regret their business approach and are their methods good enough and specific enough to be useful?\u0026rdquo; said Baker, who delivered the keynote address at the\u0026nbsp;\u003Ca href=\u0022http:\/\/cyber.gatech.edu\/2017-cyber-security-summit\u0022\u003E15th Annual Georgia Tech Cyber Security Summit\u003C\/a\u003E held Sept. 27. Today, he is a partner in Steptoe \u0026amp; Johnson LLP.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EBaker reviewed four problems with attribution now: the balkanization of security, limited incentives to do attribution, speed of response, and availability of tools. He called for \u0026ldquo;data man traps\u0026rdquo; and cyber \u0026ldquo;beacon dye-packs\u0026rdquo; like those used by banks that could make it easier for law enforcement or intelligence communities to locate cyber hackers.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EOrganizations are beginning to publicly voice who they suspect is behind highly publicized breaches. Sony Pictures identified North Korea as their culprit. 
The Democratic National Committee identified Russia. Meanwhile, universities such as Georgia Tech are working closely with government sponsors and commercial partners to develop an initial science of traceback around how attribution should be performed.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;Georgia Tech is building frameworks for attribution so that others can leverage our approach by applying their own data and analyzing the result,\u0026rdquo; said \u003Ca href=\u0022http:\/\/iisp.gatech.edu\/michael-farrell\u0022 target=\u0022_blank\u0022\u003E\u003Cstrong\u003EMichael Farrell\u003C\/strong\u003E\u003C\/a\u003E, co-director of the Institute for Information Security \u0026amp; Privacy (IISP) and organizer of the summit.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EBut once analyzed, key questions still remain, even when methods are sound. \u0026nbsp;What is the right response when facing a nation-state hacker versus the individual criminal? \u0026nbsp;What does it mean to hold nation states and companies responsible?\u0026nbsp; How should the private sector use attribution information to better defend themselves and mitigate risk? What if government is wrong when it claims who is behind an attack?\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;We have to start with the assumption that cybersecurity is not something the public entirely has their head around,\u0026rdquo; said \u003Ca href=\u0022https:\/\/www.ft.com\/stream\/2028192b-6b12-330a-a03a-0ee74d6cc203\u0022 target=\u0022_blank\u0022\u003E\u003Cstrong\u003EHannah Kuchler\u003C\/strong\u003E\u003C\/a\u003E, journalist for the \u003Cem\u003EFinancial Times\u003C\/em\u003E, who participated on a panel at the Summit moderated by Baker. 
\u0026ldquo;When government agencies offer conflicting opinions, it is confusing for the public.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;There is a dissatisfaction in Washington, D.C., with the deterrence toolbox right now,\u0026rdquo; said \u003Ca href=\u0022https:\/\/www.cfr.org\/experts\/robert-k-knake\u0022 target=\u0022_blank\u0022\u003E\u003Cstrong\u003ERobert Knake\u003C\/strong\u003E\u003C\/a\u003E, senior fellow at the Council on Foreign Relations and also a panelist at the summit. \u0026ldquo;A basic problem here is contagion. [Hack back tools] can reach targets they weren\u0026rsquo;t intended for. To ban certain targets as off limits [during a counterattack], you\u0026rsquo;d also have to ban certain types of attacks. I\u0026rsquo;m not sure that will work.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EIn addition to Kuchler and Knake, the panel included \u003Ca href=\u0022https:\/\/en.wikipedia.org\/wiki\/Kim_Zetter\u0022 target=\u0022_blank\u0022\u003E\u003Cstrong\u003EKim Zetter,\u003C\/strong\u003E\u003C\/a\u003E investigative journalist and author of a 2014 book about the Stuxnet virus; \u003Ca href=\u0022https:\/\/www.linkedin.com\/in\/cristin-flynn-goodwin-24359b4\u0022 target=\u0022_blank\u0022\u003E\u003Cstrong\u003ECristin Goodwin\u003C\/strong\u003E\u003C\/a\u003E, assistant general counsel for Microsoft Corp.\u0026rsquo;s security business, and \u003Cstrong\u003EChad Hunt\u003C\/strong\u003E of the FBI\u0026rsquo;s Atlanta office.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;What are the private actions that are available to companies?\u0026rdquo; asked Goodwin. \u0026ldquo;There are different standards of evidence when talking about attribution of individuals or groups of actors.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;What\u0026rsquo;s so frustrating about attribution right now is that governments are still wrestling with what does cyberwarfare mean,\u0026rdquo; she said. 
\u0026ldquo;What are the rights of states? What are the private actions that are available to companies\u0026hellip;? Our core value at Microsoft is how do we increase the cost of an attack to make it less valuable [for the perpetrator]?\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Cp\u003EZetter, who has covered cyberwarfare and hacking since 1999, challenged whether governments should rely on private companies for attribution assistance.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;When you have the government relying on third-party companies for evidence, I think we\u0026rsquo;re getting into really muddy ground,\u0026rdquo; she said.\u003C\/p\u003E\r\n\r\n\u003Cp\u003EThe choices available to executives, law enforcement, front-line cybersecurity practitioners, and diplomats present unique facets to the problem of \u0026ldquo;what to do next\u0026rdquo; after a breach, said Farrell.\u003C\/p\u003E\r\n\r\n\u003Cp\u003E\u0026ldquo;Right now, we lack a deterrence mindset in cyberspace,\u0026rdquo; he said. 
\u0026ldquo;We can\u0026rsquo;t just dust off the Cold War playbook from 50 years ago and assume it applies.\u0026nbsp;Attribution is a key component to dealing with malicious cyber activity that is increasing in severity and volume.\u0026nbsp; Georgia Tech research is working to change that and help inform decision-makers so they can be proactive in mitigating information risk.\u0026rdquo;\u003C\/p\u003E\r\n\r\n\u003Ch4\u003E\u003Cem\u003E\u003Cstrong\u003EFor more\u003C\/strong\u003E\u003C\/em\u003E\u003C\/h4\u003E\r\n\r\n\u003Cul\u003E\r\n\t\u003Cli\u003E\u003Cstrong\u003E15\u003Csup\u003Eth\u003C\/sup\u003E Annual Georgia Tech Cyber Security Summit\u003C\/strong\u003E: \u003Ca href=\u0022http:\/\/cyber.gatech.edu\/2017-cyber-security-summit\u0022\u003Ehttp:\/\/cyber.gatech.edu\/2017-cyber-security-summit\u003C\/a\u003E\u003C\/li\u003E\r\n\t\u003Cli\u003E\u003Cstrong\u003EDownload research presented at the summit\u003C\/strong\u003E: \u003Ca href=\u0022http:\/\/www.cyber.gatech.edu\/gtcss-research\u0022 target=\u0022_blank\u0022\u003Ehttp:\/\/www.cyber.gatech.edu\/gtcss-research\u003C\/a\u003E\u003C\/li\u003E\r\n\u003C\/ul\u003E\r\n","summary":null,"format":"limited_html"}],"field_subtitle":[{"value":"Questions Loom Large for Companies, Government in Quest for Better Cyber Attribution"}],"field_summary":[{"value":"\u003Cp\u003EStewart A. 
Baker delivered the keynote address at the 15th Annual Georgia Tech Cyber Security Summit -- proposing that 2017 might just be a transformational moment in the quest for better cyber attribution.\u003C\/p\u003E\r\n","format":"limited_html"}],"field_summary_sentence":[{"value":"Cybersecurity policy pioneers suggest that 2017 might just be a transformational moment in the quest for better cyber attribution."}],"uid":"27490","created_gmt":"2017-10-02 00:11:27","changed_gmt":"2017-10-11 14:08:34","author":"Tara La Bouff","boilerplate_text":"","field_publication":"","field_article_url":"","dateline":{"date":"2017-10-02T00:00:00-04:00","iso_date":"2017-10-02T00:00:00-04:00","tz":"America\/New_York"},"extras":[],"hg_media":{"596724":{"id":"596724","type":"image","title":"Stewart A. Baker delivers keynote address at 15th Annual Georgia Tech Cyber Security Summit.","body":null,"created":"1506902754","gmt_created":"2017-10-02 00:05:54","changed":"1506902754","gmt_changed":"2017-10-02 00:05:54","alt":"","file":{"fid":"227441","name":"cyber_summit-103.jpg","image_path":"\/sites\/default\/files\/images\/cyber_summit-103.jpg","image_full_path":"http:\/\/hg.gatech.edu\/\/sites\/default\/files\/images\/cyber_summit-103.jpg","mime":"image\/jpeg","size":531400,"path_740":"http:\/\/hg.gatech.edu\/sites\/default\/files\/styles\/740xx_scale\/public\/images\/cyber_summit-103.jpg?itok=pWLmRZqO"}}},"media_ids":["596724"],"groups":[{"id":"430601","name":"Institute for Information Security and Privacy"},{"id":"1281","name":"Ivan Allen College of Liberal Arts"}],"categories":[{"id":"133","name":"Special Events and Guest Speakers"},{"id":"153","name":"Computer Science\/Information Technology and Security"}],"keywords":[{"id":"1404","name":"Cybersecurity"}],"core_research_areas":[{"id":"145171","name":"Cybersecurity"},{"id":"39511","name":"Public Service, Leadership, and 
Policy"}],"news_room_topics":[],"event_categories":[],"invited_audience":[],"affiliations":[],"classification":[],"areas_of_expertise":[],"news_and_recent_appearances":[],"phone":[],"contact":[{"value":"\u003Cp\u003E\u003Ca href=\u0022mailto:tara.labouff@iisp.gatech.edu\u0022\u003ETara La Bouff\u003C\/a\u003E, Institute for Information Security \u0026amp; Privacy, 404.769.5408\u003C\/p\u003E\r\n","format":"limited_html"}],"email":["tara.labouff@iisp.gatech.edu"],"slides":[],"orientation":[],"userdata":""}}}