
Living in an Insecure World: Where do we go from here?

Richard DeMillo
Information Security Center
College of Computing
Georgia Tech




British Railroads

• Pre-1825: centuries of use of iron-capped rail technology
• 1825: Stockton & Darlington is first commercial railway with 1 locomotive
• 1829: Liverpool & Manchester trial to demonstrate 10 mph capability (achieved 24 mph uphill)
• 1830-1842: innovation and improvement, frenzied competition
• 1842: Queen Victoria is “charmed” by technology
• 1842-1845: Entrepreneurs emerge, led by George Hudson
• 1845: Railroad mania
• Late 1845: Trouble
• 1846: Crop failure
• 1847: Week of terror: Oct 17 (“Entire families were ruined”)
• 1850: Thomas Carlyle suggests public hanging for Hudson
• 1850-1915: 21,000 miles of track are built

[Chart: successive waves of technology adoption over time, labelled Factories and Mills, Steel, Electrification, Automobile Mass Production, Waterways, Telephony, Broadcast Communications, with a “YOU ARE HERE” marker on the current wave.]

When a Technology reaches its Golden Age

More innovation
We structure our activities around the new technology
It adapts to us
It becomes easy to use
It fades into the background

Agenda

• Asymmetric information warfare and the death of the enterprise
• Why ROI is so difficult
• The effects of 9/11
  – The mistakes of the 1960’s
  – The national R&D agenda

Enterprise Boundaries

• Premises
• Vertical Integration
• Globally Distributed Enterprises
• Manufacturing and Distribution Partners
• Exchanges and Outsourcing
• B2B and B2E Architectures
• Commoditized Enterprise (per BP’s John Leggate)
  – Commodity hardware
  – Open source infrastructure
  – Open protocols

Birnbaum’s Pervasive Computing Evolution

[Chart: penetration versus year, 1960 to 2010. Hardware generations labelled mainframes, minis, micros; computing models labelled batch computing and timesharing, distributed computing, networked personal computing, open systems of clients and servers, internet computing, open global services, information utility/appliances, programmable data center. Source: Joel Birnbaum, 1982.]

Asymmetric Threat

“Today we see an ambiguous world, with people, groups, and governments pursuing complex goals. The borders have blurred between governments and people, military and populace, public and private. New fourth-generation warriors, non-national and trans-national groups based on ideology, religion, tribe, culture, zealotry, and illegal economic activities, have pushed many regions of the world into anarchy.”

Gen. David Grange, National Strategy Forum, Winter 2000

No perimeters

Indirect attacks

Insider threats

Defending Enterprises As If They Were Premises

Find a likely target, then…

• Case the joint
• Determine vulnerabilities
• Attack the weakest defense

[Figure labels: Footprinting, Scanning, Enumeration]

Asymmetric threat

• Metcalfe’s law
• Host security depends on security of rest of systems attached to the internet
• Automation leads to attack sophistication
  – Denial of service
  – Worms
  – DNS Attacks
  – Router Attacks

Upper management hears about the threat

ROI Analysis for IT Security

[Chart, copyright Bruce Schneier, 2001: x-axis security level from 0% to 100%; y-axis cost ($). Curves labelled cost of security countermeasures, cost of security breaches, and total cost; the low point of the total-cost curve is marked “optimal level of security at minimum cost”.]
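The chart above is a minimisation: total cost is countermeasure spend plus expected breach loss, and the optimum is the security level where that sum is lowest. The script below is an added example, not part of the talk or Schneier's material; both cost curves and every dollar figure in it are constructed for illustration. It locates the minimum on a grid of security levels and then shows why the "ROI is so difficult" point holds: the optimum moves with the assumed breach exposure, which is the input organisations can estimate least well.

```python
"""Added example (not from the talk): locating the minimum of the total-cost
curve on a grid of security levels, with constructed cost curves."""
from typing import Callable, Dict, List, Tuple

CostFn = Callable[[int], float]  # security level in percent -> dollars


def countermeasure_cost(level: int, unit_cost: float = 100.0) -> float:
    """Constructed curve: countermeasure spend grows quadratically with the
    security level, mirroring the rising curve on the slide."""
    return unit_cost * level ** 2


def breach_cost(level: int, exposure: float = 1_000_000.0) -> float:
    """Constructed curve: expected breach loss shrinks as coverage rises,
    mirroring the falling curve on the slide. 'exposure' is the assumed
    loss at 0% security."""
    residual = (100 - level) / 100
    return exposure * residual ** 2


def total_cost(level: int, cm: CostFn, br: CostFn) -> float:
    """The slide's total-cost curve: countermeasures plus breaches."""
    return cm(level) + br(level)


def optimal_security_level(cm: CostFn, br: CostFn,
                           levels: range = range(0, 101)) -> Tuple[int, float]:
    """Return (level, total) at the lowest total cost on the grid.
    Ties resolve to the lower level, i.e. the smaller countermeasure spend."""
    best_level, best_total = None, None
    for level in levels:
        t = total_cost(level, cm, br)
        if best_total is None or t < best_total:
            best_level, best_total = level, t
    return best_level, best_total


def sensitivity_to_loss_estimate(exposures: List[float],
                                 unit_cost: float = 100.0) -> Dict[float, int]:
    """Map each assumed breach exposure to the optimal level it implies.
    Doubling the loss estimate moves the optimum substantially, which is
    the practical obstacle to a defensible ROI figure."""
    result: Dict[float, int] = {}
    for exposure in exposures:
        level, _ = optimal_security_level(
            lambda s: countermeasure_cost(s, unit_cost),
            lambda s: breach_cost(s, exposure))
        result[exposure] = level
    return result


if __name__ == "__main__":
    level, total = optimal_security_level(countermeasure_cost, breach_cost)
    print(f"optimal level {level}% at total cost ${total:,.0f}")
    for exposure, lvl in sensitivity_to_loss_estimate(
            [250_000, 1_000_000, 2_000_000, 4_000_000]).items():
        print(f"assumed exposure ${exposure:>10,.0f} -> optimal level {lvl}%")
```

With the constructed curves the minimum sits at 50% for a $1M exposure, but at 20% for $250K and 80% for $4M; the shape of the argument survives any replacement of the curves with real budget and loss data, and that replacement is exactly the hard part.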

Attack on 128 bit encryption

[Chart: x-axis cost of cryptanalysis device, marked at $20M; y-axis probability of successful attack, from 0 to 1.0.]

People are more Cost-Effective

Person             Position                               Price
Aldrich Ames       CIA Director Of Counterintelligence    $2,500,000
Robert Hanssen     FBI Agent                              $1,400,000
Robert Walker      Retired US Navy Warrant Officer        $1,000,000
Jonathan Pollard   Naval Investigative Service Analyst    $50,000

“Why spend $20,000,000 building a cryptanalysis machine if you can spend $1,000 bribing a clerk?”

– Bruce Schneier

Attack on n bit encryption

[Chart: x-axis cost of cryptanalysis device; y-axis probability of successful attack, from 0 to 1.0.]

Windows Power-on Self Test

Are you talking to a securely booted computer?

• test processor
• verify BIOS integrity
• initialize chipset
• test RAM
• initialize video device
• init. plug & play devices
• ROM scan
• load from boot device
• run bootstrap loader
• find and load OS loader
• run OS loader
• load and run OS

Callouts on the slide:
– Intel publishes technical data for defeating boot block protection
– Cursory scan using trivial security criteria
– Favorite haunt of virus writers!
– Trusted Computer Platform
– Might not even be your OS!
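The slide asks how anyone can know the machine at the other end booted the software it claims to have booted. The script below is an added example, not from the talk, of the measured-boot idea behind a trusted computing platform: before each stage of the boot sequence runs, its image is hashed and folded into a running measurement register, and a remote verifier compares the final register value against a known-good one. The stage names follow the slide; the stage contents, the register width and the golden value are constructed stand-ins, and the register arithmetic is the usual extend operation rather than any particular vendor's implementation.

```python
"""Added example (not from the talk): a measured-boot chain with an event log
and verifier-side replay, using constructed stage images."""
import hashlib
from typing import List, Tuple

# Boot stages from the slide, each paired with a constructed stand-in image.
BOOT_STAGES: List[Tuple[str, bytes]] = [
    ("verify BIOS integrity", b"bios-image-v1"),
    ("ROM scan", b"option-rom-table"),
    ("run bootstrap loader", b"bootstrap-loader"),
    ("find and load OS loader", b"os-loader"),
    ("load and run OS", b"kernel-image"),
]

# The register starts at all zeros at power-on and is never set directly.
INITIAL_REGISTER = bytes(32)


def extend(register: bytes, image: bytes) -> bytes:
    """Fold one stage into the register: new = H(old || H(image)).
    Because the old value is an input, the result depends on every earlier
    stage and on their order, and no later stage can rewind it."""
    return hashlib.sha256(register + hashlib.sha256(image).digest()).digest()


def measure_boot(stages: List[Tuple[str, bytes]]) -> Tuple[bytes, List[Tuple[str, str]]]:
    """Measure each stage before it would run. Returns the final register and
    an event log of (stage name, hex digest of the image)."""
    register = INITIAL_REGISTER
    log: List[Tuple[str, str]] = []
    for name, image in stages:
        log.append((name, hashlib.sha256(image).hexdigest()))
        register = extend(register, image)
    return register, log


def replay_log(log: List[Tuple[str, str]]) -> bytes:
    """Verifier side: recompute the register from the reported event log."""
    register = INITIAL_REGISTER
    for _, digest_hex in log:
        register = hashlib.sha256(register + bytes.fromhex(digest_hex)).digest()
    return register


def attest(reported_register: bytes, log: List[Tuple[str, str]],
           golden: bytes) -> Tuple[bool, str]:
    """Answer the slide's question for a remote machine. Two checks:
    the log must reproduce the register the platform reports (so the log was
    not edited), and that register must match the known-good measurement."""
    if replay_log(log) != reported_register:
        return False, "event log does not reproduce the reported register"
    if reported_register != golden:
        return False, "boot chain differs from the known-good measurement"
    return True, "securely booted"


if __name__ == "__main__":
    golden, log = measure_boot(BOOT_STAGES)
    print("golden register:", golden.hex())
    print(attest(golden, log, golden))
    # A modified bootstrap loader changes every later register value.
    tampered = [(n, b"modified-loader" if n == "run bootstrap loader" else img)
                for n, img in BOOT_STAGES]
    reg, tlog = measure_boot(tampered)
    print(attest(reg, tlog, golden))
    # Presenting the clean log alongside the tampered register fails too.
    print(attest(reg, log, golden))
```

The point the verifier relies on is that the register is only ever extended, never written: the stage that loads the OS (or something that is not your OS) cannot erase the measurement of what loaded it. What makes this trustworthy in practice is that the register and the reported value come from hardware the software cannot overwrite, which is what the slide's "Trusted Computer Platform" callout refers to.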

Effects of 9/11: Homeland security is an enterprise security problem

• Lessons of the 1960’s
  – IT drives the problem
  – IT is very expensive to fix

Steps Forward

• NSTAC National R&D Agenda
  – R&D Exchange Meeting: March 2003 @ GTISC
  – President’s Science Advisor John Marburger chaired
  – Agenda needs to be acted upon
  – Human-centric solutions

Visualization

What to take away

• Asymmetric information warfare demands new business models
• The agenda for traditional enterprises needs to be acted on – necessary but not sufficient
• Learn from history
  – Don’t repeat the mistakes
  – Chase the “Golden Age”