McAfee CSO Issues Warning On the 'New Cold War'

angry tapir writes "The Cold War between the USA and the USSR may have ended in 1991, but a new conflict involving the same enemies has emerged on the digital frontier, according to McAfee's US chief security officer. Brett Wahlin, a former North Atlantic Treaty Organization (NATO) counter intelligence agent, told Computerworld Australia that the RSA token hack in March this year – where the token information was used to infiltrate US defense contractor Lockheed Martin – used the same espionage tactics he encountered while serving as an agent from 1987 to 1991 with the US army for NATO."

More Bad Omens from a Soothsayer

[eldavojohn]

"It seems the targets like Lockheed Martin are starting to get softened up. This isn't the end game; there is something bigger coming down the pipe and what we are seeing right now is a prelude to that. There could be a new warfare doctrine been created. I was in that world [NATO] for so long that when it looks and feels like a Cold War, there may be something else going down."

Congratulations on the nebulous statements, sir. You rival politicians. Not a single one of these statements is falsifiable. Oh, you're the head of a company that sells remedies to this horrible future? You don't say ...

<Zoidberg> I'll take one "security" please! </Zoidberg>

Re:

[chemicaldave]

"It seems the targets like Lockheed Martin are starting to get softened up. This isn't the end game; there is something bigger coming down the pipe and what we are seeing right now is a prelude to that. There could be a new warfare doctrine been created. I was in that world [NATO] for so long that when it looks and feels like a Cold War, there may be something else going down."

By asserting that he is only doing this to make money, you are also guilty of making unfalsifiable statements.

Re:

[Anonymous Coward]

He's implying that it's to make money, not asserting it.

Re:

[GameboyRMH]

Well at the very least, there's a big conflict of interest here, so his advice can't be taken any more seriously than an oil executive warning of a lithium shortage.

Re:

[idontgno]

Well, the descriptions of the various attacks that led up to Lock-Mart's breaches (including the sustained campaign against RSA) makes a lot of analysts think the entire sequence is the activity of some nation's intelligence apparatus. Blaming China just seems like a knee-jerk to me, though. I would ROFL slightly into my waffles if it turned out to be Lulzsec (although those blowhards would have been boasting about it by now) or maybe the French or something. Maybe the Israelis?

Defense-oriented industrial e

Re:

[geekoid]

I would say:
"some group's intelligence apparatus."

Maybe it's a nation, maybe not. It is a group that has access to good tools and gear; but it could have been done by a small independent group using compromised computers to do their attack against the token.

This is the future. Borders, as we know them politically, are going away. The future will be fought by groups scattered across the globe, openly hidden in different nations. As that emerge old school military tactics will need to change into a more 'poli

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[ColdWetDog]

It's different because you can do this hiding out in an Internet Cafe in Mongolia or Central Russia. Before we 'cyberized' things the MiG pilot would have to have the cajones to fly out of Russian airspace. The Chinese had to get sandals on the ground to bribe the locals to find the bits or they had to force a collision between the spy plane and theirs. All with attendant risks of reputation, money and people. Now, not so much.

It's not a black or white issue by any means - it's the same game. But the

Re:

[lightknight]

^_^ . It's the NSA, they hack their own systems so they can boast about it.

Re:

[chemicaldave]

I wouldn't say he can't be taken seriously. Sure, take his advice with a grain of salt, but don't ignore it altogether.

Re:

[cavreader]

Why sever when you can just tap and manipulate when necessary?

nebulous and foggy

[sourcerror]

"I was in that world [NATO] for so long that when it looks and feels like a Cold War, there may be something else going down."

So it's not Cold War, and summary title is wrong?
May I suggest a new name? It's the Cloud War. Just to be even more nebulous.

Re:

[geekoid]

http://tinyurl.com/3qhrkt4 [tinyurl.com]

Re:

[snspdaarf]

May I suggest a new name? It's the Cloud War. Just to be even more nebulous.

Would that be Cumulonebulous?

Not "remedies".

[khasim]

Oh, you're the head of a company that sells remedies to this horrible future?

McAfee doesn't sell remedies for anything (other than a remedy for a lack of McAfee software).

None of the "anti-virus" companies do. Because the way they're currently structured is as a reactive process.

Bad guys release a new "virus".
Users get infected.
Someone sends the infected files to McAfee.
McAfee releases new "signatures" to detect the new virus.
Repeat.

And McAfee makes a lot of money off of that process. Meanwhile, users keep getting infected by "mal-ware". It's so bad that you cannot even depend upon McAfee to detect all the "mal-ware" that is detected by other anti-virus products from a week ago. Why should you need to run multiple scans from multiple products to clear a Windows machine?

Where's the bootable CD from McAfee that will at least be able to identify what is known to be a regular Windows file and what has not been identified before? With a way to move those questionable files to external storage / submit them to McAfee?

But why spend money on something that might help? Particularly when just giving interviews about how things MIGHT get worse will generate more revenues for your company?

Colour me cynical.

Re:

[marnues]

I'd suggest this is how doctors work as well. It's poor engineering, but I'd bet people would claim it's the best we've got. It's the proactive/reactive IT debate. Is it better to keep locked down, smoothly running machines that fail at your expense? Or do you keep open systems that fail at the whim and fancy of your co-workers with you as their hero every time it's fixed? Human nature points people towards the poor option.

Re:

[laurelraven]

I'd suggest this is how doctors work as well. It's poor engineering, but I'd bet people would claim it's the best we've got. It's the proactive/reactive IT debate. Is it better to keep locked down, smoothly running machines that fail at your expense? Or do you keep open systems that fail at the whim and fancy of your co-workers with you as their hero every time it's fixed? Human nature points people towards the poor option.

I'd argue that the former option (inarguably the better option from a security standpoint) can be very risky from a career standpoint. If you don't get it perfect the first time (and you won't), people will assume incompetence from you as you get everything working smoothly, and bitch and complain every time they can't do exactly what they want without going through you. You get labeled a tyrant, and even if you are very, very good and good with people, the wrong impression could leave you without a job.

Re:

[laurelraven]

P.S., that's from a sysadmin standpoint; companies like McAfee really have no excuse not to be working towards this methodology.

Re:

[Asm-Coder]

No, that's really how patients work.

Most people, when told by their doctor, "You need to lose weight or you'll get diabetes," do what? That's right nothing. "You should be exercising for 30 min. 4 times a week," and yet most people don't change their habits. "You should have a biannual checkup, and get a colonoscopy every 5 years, a mammogram or prostate exam...."

Yes there are some things that doctors must take from a reactionary standpoint. But since we don't have magic pills yet, the only proactiv

Re:

[ifrag]

None of the "anti-virus" companies do. Because the way they're currently structured is as a reactive process.

Well, certainly not McAfee anyway. There are anti-virus packages with heuristic analysis, and supposedly those occasionally do something, but I've never personally seen a scanner catch anything with it.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[mlts]

Bingo. I want to see an AV program that includes a bootable DVD, and can not just do an offline check for viruses and malware like the stinger.exe, but do serious heuristic checking. Some executable not Authenticode signed that is a Windows system file? Flag it, and optionally ask for install media to fix it after the executable is saved to a quarantine area. Another executable a different SHA-512 hash than what is in the original copy of Windows, or subsequent patches? Move it aside and replace it wit

Re:

[Ararat]

Ambitious. I don't know if this is technically feasible -- since Win7 and all other MS OS' seem to inevitably be dynamic (ie. big, imperfect, and thus updated with frequent patches) -- but if you build it or find it, please report back here. . I, for one, would probably buy it. . PS : McAfee, btw, bought Secure Computing, another OTP vendor and a major competitor to RSA, in 2008.

Re:

[mlts]

It shouldn't be too difficult to keep hashes of an OS executables and libraries, even with the updates coming out. Probably easier than trying to keep abreast of new signatures of malware.

Of course, software not aware of what programs should hook into a machine might cause startup items like the HP printer driver stuff and reminders of having to buy ink to go away, but I'm sure most users rather have disabled startup items than missed items which contain malware.

Essentially this would be a "gritty reboot"

Re:

[Xacid]

Eh, yes and no.

Anti-virus software is primarily reactive. Proactive is typically called patching (if you catch it in time, though that can become reactive as well).

However, some anti-virus software does have a feature to detect virus-like behavior though it's not 100% successful. Additionally - anti-virus companies (at least Norton) have teams that are essentially white hats who look for new vulnerabilities and methods of virus delivery and obfuscation.

So yeah, I'll colo(u)r you cynical and respectfully dis

Sir! I have a plan!

[Centurix]

Mein Führer! I can walk!

A new name for a new war

[the_saint1138]

A new online Cold War huh? For clarity we should call this one the Flame War.

USSR?

[RazzleFrog]

There is no USSR anymore and the article says the new enemies are possibly North Korea and China - not Russia. What an incredibly misleading summary (I know I shouldn't be surprised).

Re:

[idontgno]

Both North Korea and Red China were participants in the Cold War, more or less (from the perspective of US strategic planning) on the side of the USSR. Of course, there was ample wargaming and what-if planning on scenarios involving China or Korea independent of the Russians, or even in opposition; even the most raving foaming-at-the-mouth anti-Communist had to acknowledge that the East Asian side of the Iron Curtain was separable from the Near-European side.

Still, it's naive or misinformed to insist that t

Re:

[RazzleFrog]

Re-read the opening of the summary. It doesn't mention China, North Korea or communism anywhere. It said USA and USSR.

Re:

[idontgno]

I suppose that's a fair cop, although criticizing Slashdot article summaries is much like mocking the intelligence of the retarded, I mean mentally challenged. It's redundant and not very insightful.

It's a summary on Slashdot. Being merely misleading is actually pretty good, on balance.

lol wut

[Alex Belits]

(picture of a pear goes here)

Of course he sells the idea of a new Cold War

[GreatBunzinni]

If he succeeds in selling the idea that there is a new Cold War which oh so happens to be fought with the product his company sells then he is in line to get a hefty ton of money from people spending money on their quackery. There is a reason why all of a sudden McAfee started complaining about losing the war on computer security and companies such IBM started warning that there is a supercomputer arms race between China and the US and the US was about to lose. It's all about generating demand where there is none and creating a market for something which isn't needed.

Difference

[DaMattster]

There lies a fundamental difference between the USSR vs. USA Cold War and the so-called USA vs. China Cold War: the USA just might collapse under its own weight just as the USSR did. America does not have the collective scientific, engineering, and military resources it once had. Our military is strung thin and war weary and our mathematicians, computer scientists, and engineers are going into financial careers. Our economy has stagnated with unemployment at a high for this century. Also, our infrastructure such as roads, bridges, electrical grid, etc. is crumbling whereas in China it is growing. Towards the end of the first cold war, conditions in the USSR were economically very, very bad and there was an omnipresence of political infighting which ultimately lead to its demise. History may repeat itself yet again since the similar conditions can be found here in the USA>

Re:

[RazzleFrog]

You are missing one very large factor in all this:

You actually can say this on a public forum. Soviet leadership made our politicians (now and then) look like honest Abe. While we get plenty of propaganda we also have plenty of sources telling us the truth (or as close as they can get). What's worse, is that their leadership even started believing the propaganda.

Re:

[DaMattster]

At the tail end of the cold war in the late 1980s, you probably could say things like this due to the concepts of Troika and Parastroika. These two concepts roughly equate to free and openness. In a last ditch attempt to keep the politburo in some sort of power, they allowed published criticisms. In the end, it was the politburo's undoing. Towards the end of the USSR, a somewhat limited freedom of the press and limited capitalism were allowed. So, the factor is not quite as large as it may seem. The U

Re:

[LS]

You actually can say this on a public forum.

This is the robotic response spouted by everyone who wants to counter any comparison of the US with China or the USSR. Please think for yourself for a moment, and don't boil the entire world down to free speech. While free speech is important, it in itself is also neither a monolithic right nor a clear-cut win for the US. There are shades of grey in what can and can't be said on both sides of the world, though it can be argued that China and the Soviets had less rights.

In the end though, how important is fr

Re:

[RazzleFrog]

My point - from reading the rest of the post - is that we can see the problems and try to address them. In the Soviet Union everybody was kept in the dark and even the leadership was self-deluded.

Re:

[chemicaldave]

You forgot to mention the fact that the US and China are more closely tied together than the US and USSR ever were.

Re:

[lightknight]

Losing the USA isn't going to throw the rest of the planet into chaos.

That's because we were conquered politically.

[elucido]

How are we supposed to even try to compete when politicians are doing everything they can to decrease overall competitiveness?
They wont pay for education so that the brightest minds can actually learn the necessary knowledge whatever it is.
They wont pay to build infrastructure to actually take advantage of those bright minds.
They wont pass a competitive budget to fund it all because they don't want to raise taxes.

So basically politicians are arguing about who will pay the Chinese and how. They aren't even t

Re:

[mbkennel]

The USSR had plenty of mathemeticians and computer scientists and engineers. They just didn't have many good jobs for them outside of making military hardware, which is economically unproductive.

Re:

[elucido]

The USSR had plenty of mathemeticians and computer scientists and engineers. They just didn't have many good jobs for them outside of making military hardware, which is economically unproductive.

What about software?

Re:

[jafac]

Fallacy: If you made college free in the USA, you would not get more engineers. You would get more English and Basket-Weaving majors. Of this, I am certain. The fundamental flaw in our system, is rooted in our failing methods of math and science (mostly math) education for GRADE SCHOOL children. Our kids start behind, and they stay behind. With the exception of the top 5%, very few can handle math beyond algebra in secondary school. And most of the sciences rely on math this advanced. (actually, far bey

Re:

[alen]

you're on drugs

i remember the old days when AT&T was a real monopoly and you could only get a home telephone from an AT&T store. back in the 80's it was $80 for a cheapo rotary dial phone.

back in those days the smartest people worked for the government or a contractor and new tech first showed up in huge government projects and then decades later filtered to us civilians. this started to change in the late 1990's with the internet and now with mobile phones and other devices. now everyone gets new t

Cold war? Espionage tactics changed?

[AHuxley]

If you sell hacked information or talk about telco systems, what has changed?.
http://en.wikipedia.org/wiki/Karl_Koch_(hacker) [wikipedia.org] - was found burned to death with gasoline in a forest near Celle in 1989.
Post cold war if you talk in open court about the reality of cell phone tracking eg. Adamo Bove was the head of security at Telecom Italia
He was found under a freeway overpass.
Costas Tsalikidis http://en.wikipedia.org/wiki/Kostas_Tsalikidis [wikipedia.org] was a 38-year-old software engineer for Vodaphone in Greece.
He uncovered a highly sophisticated bug embedded in the mobile network. Spyware eavesdropped on the Greek prime Minister and other top officials’ cell phone
calls; it even monitored the car phone of Greece’s secret service chief.
His mother found him hanging outside of his apartment bathroom in 2005.
Whats changed? The front end is a MS/token sellers hourly dream that attracts UFO hunters using 56k modems. The back end seems the same.

since 1984

[alien9]

But we always have been in war against Eurasia?!

FUD WAR

[cosm]

As others have said, this article and many others are the primer for FUDing the public to allow the internet to be locked down into governmenland-net--or at least being to apathetic too care when it happens. OMGTEHHAXORS WILL RUIN US DONT FIX OUR NETWORKZ OR INTERNETZ JUST MAKE IT MORE SECUR LIKE DA TSA DOEZ AIRPORTZ!!!!@#!@#

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[geekoid]

I wouldn't fuck him with your 10 foot logic probe!

The last person I'd take advice from...

[flibbidyfloo]

Considering how badly McAfee's enterprise security software sucks ass, this guy is the last person I'd take security advice from.

I'm not just blowing smoke here, I've worked in IT at companies large and small for 20 years, and every time an employer has used a McAfee anti-whatever solution, I've seen more viruses and malware infected users than you can imagine. Their software simply does not work. I certainly wouldn't recommend it to anyone scared of the cyber-future. Maybe he'll drive some business to Nort

Re:

[mlts]

I have ended up deploying McAfee on IBM and Oracle hardware. Not that AIX gets viruses (other than the directory that is shared via CIFS with the Windows boxes), but that it allows me to tick off a check-box saying "all computers, regardless of OS, have ICSA labs certified antivirus software running on them."

In this case, McAfee does the job well.

So Stephen Colbert was right...

[daHIFI]

...when he told Henry Kissinger that the Cold War wasn't over on Monday night.

McAfee Gap Shaft

[drerwk]

take it as you will

or a fate worse than HELL?!

[Thud457]

the women will have to be selected for their sexual characteristics which will have to be of a highly stimulating nature.

One basement's as good as another.
But how are we going to prevent all these women in the confines of the bunker from synchronizing their cycles?!!!

IT Security vs as cost center...

[kbonin]

The only thing changing is that IT in general is generally considered a "cost center" to trim, IT security an even less indirectly profitable component of that cost center, and management of most organizations is becoming more aggressive at reducing that cost. Add outsourcing and subcontracting issues and you end up with a system where there is real interest only in having an appearance of security, and standard practices revolve around plausible deniability and passing the buck.

Almost everyone whose been

Is Russia losing to their Mafia?

[Animats]

Russia has their own problems. When communism went down, they had a power vacuum, which was filled by organized crime. For a while, Russia had rule by "oligarchs". Putin managed to get the biggest oligarchs under control, the ones big enough to challenge national power. But there are still too many crooks per capita left, and they tend to be too closely tied to parts of the Government.

This is why we have so much trouble with various computer attacks out of Russia. Some are private, some may be actual mi

The sound

[ThatsNotPudding]

of salesmen.

synopsis

[thePowerOfGrayskull]

I read between the lines and came away with this : blah blah security threats blah blah worse every day blah blah mcaffee blah blah most secure blah blah blah even withstood anonymous blah blah scary cybermercs coming blah blah buy from us blah blah