Dennis Fisher talks with Tom Kellermann of Core Security about the Google attack, the priorities for new cyber coordinator Howard Schmidt and the economic and political realities of advanced persistent threats.
*Podcast audio courtesy of sykboy65
Subscribe to the Digital Underground podcast on 
One of Schmidt’s priorities should be to deal with the ‘insider threat’ within Carnegie Mellon’s CyLab: http://www.PrintcafeSecuritiesFraud.com
Google, a multinational corporation, ships its development to a Communist country and maintains lax security standards that allows for a massive intrusion (among the other 30 corporations or so that were attacked as well). Somehow Tom sympathizes with their plight as though they had no “faith” in the american govt and had to deal with their reckless business operations themselves? And this equates to the lack of a rule of law? What utter crap. Outsourcing to a Communist country bit these multinationals in the ass. Too bad folks. You get what you pay for. In the current american system, who is held accountable? Google’s board of directors? Please. The shareholders are going to throw out top executives or sue them for negligence? Don’t think so. It doesn’t work. We used to think that america didn’t have to take offensive measures on other country’s companies because their technology wasn’t worth stealing. That may not be true in a few years because of irresponsible executive decisions and a system that does not hold them accountable.
And did Tom really not know that the “aurora” attackers had access to the global authentication system developed by Google? The worst case scenario did occur.
Otherwise, interesting stuff. especially talk about holding Howard Schmidt accountable, and the discussion of countries harboring and enabling groups of cyberattackers — the Somalia or Yemen of the internet, and his opinion of Google’s breach disclosure.