Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
SpiderLabs Blog

Securing the Fifth Domain

In May 2010, the final disappearance of the line between physical and virtual security became official when Defense Secretary Robert Gates announced the activation of the U.S. Cyber Command, or CYBERCOM.

Cyberspace, Gates declared, was the fifth domain of security, alongside land, sea, air and space. When it comes to the transformation of military culture that CYBERCOM represents, it's hard to overemphasize the importance of the Secretary's summation. Only a year before CYBERCOM came into being, two leading Army officers, Lt. Col. Gregory Conti and Col. John Surdu, had shown their dissatisfaction with the lack of recognition given to technical expertise in the U.S. military, despite the growing threat from cyberspace.

Our military is confident when it comes to "kinetic" wars involving the deployment of troops in physical theaters, they wrote. "They do little," the two officers continued, "to recognize and develop technical expertise. As a result, the Army, Navy, and Air Force hemorrhage technical talent, leaving the Nation's military forces and our country under-prepared for both the ongoing cyber cold war and the likelihood of major cyberwarfare in the future."

Even though cyberspace is now in its rightful place within the constellation of security concerns, the structural and personnel problems identified by Conti and Surdu persist. Such weaknesses are potentially lethal. No less than General Keith Alexander, the chief of CYBERCOM, told the Los Angeles Times recently, "I believe that we would suffer tremendously if a cyber war were conducted today, as would our adversaries."

Assuming, that is, we could identify those adversaries in the first place. Malware can be developed any place on the planet and sent to travel on elaborate, complex routes, so finding its source can frequently be impossible.

That's why, as I know from 14 years of experience in information security, the best offense is robust defense, based on prevention. In order to ensure that the nightmare scenarios - like the poisoning of domestic water supplies identified in the LA Times piece linked above - don't become a reality, we need to do the following:

Identify what our critical infrastructure involves. In cyberwarfare, the traditional distinction between a military and a civilian target doesn't apply. Our grid, our nuclear power stations, our financial markets and banks, our transportation system, are all vulnerable. An overpowering cyberattack on one or more of these could cripple our country in a matter of seconds. Preserving the networks of the Department of Defense is a paramount task, but it's not the only one.

Support legislation to boost and extend cybersecurity. Congressional Representative James Langevin of Rhode Island has introduced legislation that would shore up the oversight of our critical infrastructure, creating clear lines of responsibility. As Langevin noted in a recent op-ed, "private companies control most of our critical infrastructure, such as utilities. Given their primary responsibility to shareholders, they don't have incentives to act alone and many have not dealt with vulnerabilities." Each day that goes by with those vulnerabilities intact exposes us to enormous risk. In these environments, like many others, it is not a question of "what if vulnerabilities exist" but more of one that contains many vulnerabilities and leaves us asking "when will the vulnerabilities be exploited".

A real public-private partnership. Langevin also noted that "our nation's cyber workforce is in danger of falling behind." Companies in the private security space are well-positioned to find and train the best computer science graduates, turning them into tomorrow's cyberwarriors. For example, my own company, Trustwave's SpiderLabs, recently sponsored and participated in a cybersecurity competition (National CCDC) for students in San Antonio, Texas, pitching them into a simulation of a cyberattack on a major commercial concern. Such experience is invaluable, particularly as cybercriminals and cyberterrorists share many of the same methods. What's required now is a formal partnership that utilizes the vast experience of private sector information security companies.

Keep the public on our side. Since 9/11, our national security debate has often been bitter, as legislators, opinion-formers and the general public have clashed over such issues as the deployment of American forces in the Middle East, the impact of terrorism on privacy and civil rights, and the role of private defense contractors. Cyberwarfare promises to be just as murky. Just as there was no declaration of war, there will be no declaration of victory. We are, sadly, fated to fight this war for the foreseeable future, which is why we need the public to trust us.

For several years now, academic experts on military affairs have progressively expanded the areas which the term "security" covers. We are now in an age where "security" applies to everything: our borders and our airspace, certainly, but crucially our networks and data too. Every electronic exchange carries a potential risk within it. Such is the nature of the fifth domain.

Latest SpiderLabs Blogs

Welcome to Adventures in Cybersecurity: The Defender Series

I’m happy to say I’m done chasing Microsoft certifications (AZ104/AZ500/SC100), and as a result, I’ve had the time to put some effort into a blog series that hopefully will entertain and inform you...

Read More

Trustwave SpiderLabs: Insights and Solutions to Defend Educational Institutions Against Cyber Threats

Security teams responsible for defending educational institutions at higher education and primary school levels often find themselves facing harsh lessons from threat actors who exploit the numerous...

Read More

Breakdown of Tycoon Phishing-as-a-Service System

Just weeks after Trustwave SpiderLabs reported on the Greatness phishing-as-a-service (PaaS) framework, SpiderLabs’ Email Security team is tracking another PaaS called Tycoon Group.

Read More