Why Active Defense is so important
There is an invisible war happening right now. Its battles are being fought all around us, in cyberspace. Industrial secrets, stolen. Military plans, leaked. Personal information, sold on the black market. Not a week goes by that there isn’t some new article in the news about some large data breach. The latest of these has just exposed data on hundreds of thousands of kids. This war is truly finding its way into our homes. And make no mistake, things will only continue to get worse from here. Unless we stop it.
The computer network defender has a nearly impossible job: plug all of the holes in the vast and complex infrastructure that is their network. When all it takes to get access to a network is a single, tiny misconfiguration in code, the defenders must be right 100% of the time in order to ensure that no breach takes place. And when the defenders inevitably do miss something, the attacker only has to be right once to gain access. This kind of differential is only compounded by the difficulty of attribution in cyberspace. The chance of an attacker being unmasked and made to pay for what he has done is practically non-existent.
And so we come to an understanding of the reality of the current state of affairs. What we are doing is not working. And we cannot afford to be losing like this. We cannot afford to be this vulnerable. I liken our struggle to that of a knight in a sword fight whose hands have been metaphorically tied, so that he may only block incoming attacks. Without the ability to do anything but parry the enemy’s advances, it does not take a military savant to know that eventually our venerable knight will be taken down. When he fails to perfectly block some incoming attack, he will be defeated. There is no way to win the battle without some sort of offensive strategy.
Active Defense can save us. And no, we do not need to “hack back” as some have proposed in order to better secure our world. We can actively counter enemy tactics in cyberspace as the network defenders, using offensive tactics while on our own turf. We are allowed to defend our home. Legally speaking, we may not be able to go after the enemy on their turf without drawing significant shade. But there is so much more we can do to undermine, draw attribution, overcome, and humiliate our attackers.
At Promethean Info Sec we believe whole-heartedly that our mission is to bring everyone the tactics, tools, and techniques to be able to accomplish these legendary feats of blue team prowess. It is, quite frankly, in our name. And we’re starting with MAD Active Defense, the Active Defense framework. Taking what once was considered difficult, and boiling it down to a couple of keystrokes. Soon anyone will be able to unleash the floodgates on attackers hitting their networks. For now, you can check out the alpha release below.