FUD Special | 07

In this special bonus episode, Ciaran and James tackle one of their favorite cybersecurity acronyms: FUD – Fear, Uncertainty, and Doubt. Here our hosts break down what exactly FUD means for cybersecurity, why it matters, and the real-world risks it presents.

Highlights:

Notable Example of FUD

• The Killer Drones story; FUD in action and then retraction
• Highlights from the RAeS Future Combat Air & Space Capabilities Summit

Malware attacks

• WannaCry
• WannaCry Guidance for Users
• Colonial Pipeline Incident
• Lessons from the Colonial Pipeline Attack
• Shamoon Attack on Aramco
• CFR Analysis of the Shamoon Attack

Accidental IT failures

• UK Air Traffic Control Technical Failure: confusion over two DVLs.
• BBC Report on ATC Failure

The Ultimate FUD phrase

• Leon Panetta's Cyber Pearl Harbor Warning; fostering a climate of fear about the catastrophic consequences of cyber warfare.
• Panetta’s Speech on Cyber Threats

Dousing the FUD Flames

• Ian Levy's Magic Amulet Speech to cyber security vendors in which he accused them of selling medieval witchcraft to the public.
• The Register on Ian Levy's Speech

‘The World’s First Cyber Weapon’

• Stuxnet Computer Virus; the infamous worm aimed at Iran's nuclear facilities
• BBC Overview of Stuxnet

Additional Resources:

Iraq War Dossier Controversy

• BBC Full Dossier on Iraq | Transcript of Andrew Gilligan's original report
• BBC Report on Iraq Dossier Controversy

Contact: Have questions or comments? Email us at ciso-network@sans.org