Bring on the Leaks!

Article excerpt

Byline: Trevor Butterworth

Stuxnet was a valuable warning shot.

Congress may be throwing a fit over intelligence leaks that implicate the United States in an elaborate cyberattack against Iran's nuclear program, but to some of the world's leading cybersecurity experts, the revelations, far from doing harm, may actually do the world a favor.

"This is nothing if not a good opportunity to accept reality," says Rodney Joffe, senior vice president and senior technologist at Neustar. Stuxnet--and its newly identified kissing cousin in cybermischief, Flame--should not be seen as fiendish pieces of technology that the military let loose and then lost through careless coding and opportunistic leaking, but something that hackers were doing long before the military muscled in. It is simply "naive," he says, to think that only the military is capable of such sophistication. China's industrial base practically depends on hacking for innovation, he explains. And yet the attitude among many CEOs is that they're safe from cyberattack.

Richard Bejtlich, chief security officer for the information-security company Mandiant, concurs, noting that many politicians are woefully unaware of the new status quo of national insecurity; and while he, as a former Air Force intelligence officer, is appalled by some of the recent leaks about military operations, he says the Stuxnet incident provides a valuable teaching moment. …