Robert Axelrod: Estimating the best time to launch a cyber attack

January 14, 2014 0:05:18
Kaltura Video

Robert Axelrod is the Walgreen Professor for the Study of Human Understanding; professor of political science, College of Literature, Science and the Arts; and professor of public policy, Gerald R. Ford School of Public Policy.

Transcript:

My co-author, Rumen Iliev, and I hope that this work will help others begin to develop further mathematical models, further formal ways of thinking about the implications of cyber technology to take advantage of another's computer system.  You need to think about the tradeoff between: Should you use it as soon as possible before they fix it, or should you wait until the stakes are really important, for a really important event where you can get maximum benefit?  This paper is an effort to begin to make a small step toward understanding the strategic implications of cyber technology.  We have a little mathematical model that helps you make that calculation.
We employ two new concepts what we call "stealth and persistence."  So an example of stealth, the American and Israeli attack on the Iranian centrifuges called Stuxnet sped up and slowed down the centrifuges of the Iranian nuclear program.  It also included a component that would tell the control room that the centrifuges were going at exactly a constant, correct speed.  And so that was designed to be stealthy so that they wouldn't notice that this vulnerability was being exploited.
Persistence is the idea that if you don't use it, it will take a long time for them to discover.  And therefore, you can wait until the stakes are very large before you use it.  Even in common piece of software like Internet browsers when vulnerabilities are discovered and corrected, it's often found that they've been there for months and sometimes even years.  And that demonstrates that those kind of vulnerabilities are pretty persistent.  And these two characteristics determine when is the best time to exploit a resource for surprise.