One cybersecurity expert’s viewpoint
First of all, it doesn’t really matter what I think about the Chinese spy balloon because I do not have all the intelligence available to me that the people who make decisions about it do. My opinions don’t matter. I’m more curious about it than anything.
My first thought was, “What’s in that balloon?” I don’t think it would be wise to shoot it down over the US if we do not have the answer to that question. All the people in the government screeching to shoot it down immediately as if it posed some imminent threat were uninformed and I’m personally very glad those people weren’t in charge of this particular decision. These cries to scare and rile up the American public were merely political tactics, not well thought out opinions based on accurate evidence.
The balloon was apparently the size of three buses. Source:
The balloon didn’t give China more intelligence than it already gets from its satellites. When it was shot down it scattered over a 7 mile area. Source:
I guess they could have tried to shoot it down over some barren land, but who knows where the wind would blow or what the contents of the balloon are and how that would have affected the air or whatever was on the ground.
Additionally, there is a tactic sometimes taken in cybersecurity (which you should not do unless you really, really know what you’re doing, as it can lead to catastrophic results if you don’t). You notice an adversary in your network — and you don’t immediately kick them out. You watch them. You study their behavior. You learn how they operate.
In the case of this balloon, the data traversing from the balloon to whatever its destination was likely was encrypted, so it may not have been possible to intercept and view the traffic. But sometimes it’s possible to trick malware into sending its traffic to the wrong source, at which point you can capture it in the clear and study it. Perhaps that was happening as this balloon traversed the US.
Another possible tactic would be that the US could intercept the traffic and send false data back to the command and control servers operating the balloon, hack those sources, or even cause them to malfunction. The US has recently changed hack back laws. You and I, citizens on the ground, don’t know what the government was actually doing while that balloon was floating over the US.
Additionally, for all the leaders in the government who back Trump and Trump himself saying what he would have done about it, it has now come to light that three such balloons traversed the US under Trump’s watch. It’s no surprise that the leaders from that time period deny that took place. Source:
How could this possibly be true? This must be politics, right? Well, the DoD likely saved footage of prior investigations from prior years and could refer back to that and revisit whether they had missed anything in the past.
Of course, people who don’t want to believe that won’t. But unless you’re briefed on the matter by US intelligence you really can’t know or judge the evidence.
And so this is how I feel about the Chinese spy balloon. I tend to believe the government when they say it’s a spy balloon because I know how cybersecurity works. I understand how to intercept traffic and see what is going on in the packets traversing the network — whether between two routers or a balloon and a satellite.
I tend to believe that it was a balloon used for capturing intelligence, but I can’t really know. I feel that many people that work in cybersecurity are evidence-based. It’s something you learn after having proper training and years of experience. You try to avoid assumptions or jumping to conclusions. You tend to base your opinions on evaluation and information, not rumor. So whoever working in cybersecurity for the government came to this conclusion likely has proper evidence to back up that statement.
But when you don’t know — you just say, “I don’t know.” Because you don’t. Unless you’re privy to the evidence, you don’t know what’s in that balloon, why the Department of Defense didn’t want Biden to shoot it down, and many other things that can’t be determined without the full evidence to make a logical conclusion. So avoid the political noise. Wait and watch for evidence and information from trusted sources who aren’t blatantly biased.
Right now I’m just wondering what will come out of further inspection of the debris shot down near the coast of South Carolina, not so far away from where we were walking our dog and listening to tunes down on the Savannah riverfront. Source:
While we were down there on the waterfront, a woman who was randomly walking her own dog started talking to us. She looked at a text on her phone and said, “They shot down the balloon!” As we continued talking I revealed that I work in cybersecurity and she said she works for Merck — where they had some huge cybersecurity incident where all the screens went black about 4 years ago.
I said, “Was it ransomware?”
She said, “I don’t know.”
I said, “It was ransomware.”
My opinion on the Chinese spy balloon? People should worry more about securing what they have control over — their own cybersecurity architecture and the systems and devices that are insecure, unpatched, and misconfigured that could result in a data breach or spying on their own network. If any of those are hosted in AWS, Azure, or GCP, follow my blog to learn how to secure those systems. The time will be better spent patching and updating your devices than worrying about a spy balloon.
The spy balloon is interesting but every government is spying on every other government at the moment. That’s the reality. There’s not really much you can do about it unless you work in the government and are involved in making related decisions — and you have all the relevant training and information to do so.
Teri Radichel | © 2nd Sight Lab 2023