Home > Computer Security > National Cybersecurity, Politicians, Black Hat Magic and White Lies

National Cybersecurity, Politicians, Black Hat Magic and White Lies

Across the globe, world leaders are being briefed about the threats and risks to critical infrastructure and national security. Politicians are being told tales of cyberwar, disruptions to power and transportation systems, financial chaos and what could be the end of civilization as we know it.  Technical gurus demonstrate how easy it is to compromise and take control of a system, like the main act in the center ring of a circus, to instill shock and awe into the crowd of curious onlookers. And why are these things being done? To gain support for cybersecurity initiatives and spending against the threat de jour – the hacker.

But is everything being presented the truth, the whole truth and nothing but the truth? I’m not so sure that it is.

While those briefing world leaders talk about the aforementioned threats, I’m wondering if the risk being presented – the likelihood that any of the terrible things being mentioned will actually happen, is based on theory, perception or reality. Why? Because no one outside of a country’s borders can hack a system that isn’t hooked up to the Internet or accessible via a dial-in connection. The same thing goes for those attempting to hack into systems from within a country. If an organization has all of its systems on a closed network with no Internet access and no remote access capabilities, the only real threats are a trusted insider or unauthorized physical access.

In all the information that is floating around in the media and on government Websites, has anyone seen any numbers as far as what percentage of a country’s critical infrastructure has a direct connection to the Internet?  How about the breakdown by infrastructure type? Has anyone seen any figures with regard to insufficient physical security measures? How about percentage of personnel maintaining critical infrastructure that haven’t completely a background check?

Is the current cybersecurity assessment really as bad as government officials and the media make it out to be? Are all of these systems completely unpatched and unprotected against any threats? Are the system and network administrators that manage these systems completely incompetent?

The most simplest solution to protecting critical infrastructure from compromise over the Internet, is to move part or all of an organization’s assets onto a closed network.  This is achievable through several means, including separate physical infrastructure and virtual private networking. Are these options even being considered?

Something is very wrong with some of the legislation being passed around the globe to address cybersecurity issues.  As I’ve questioned in previous posts, how many of these lawmakers truly understand the issues beyond what they are being told? Have lawmakers become an easy victim of fear, uncertainty and doubt because of their lack of knowledge?

Someone has to stop the madness – and that someone is you.  Spread the word.

About these ads
  1. curiouschild
    June 23, 2010 at 11:06 pm | #1

    Thank you for addressing this issue from a technical issue. As a librarian, I’m trained to look at issues of information access and that has been my main concern but as you point out, a lot of this seems to be an unclear understanding of how the Internet works on the part of politicians. My hope is that the masses are not so caught up by the words “threat” and “national security” that they willingly abdicate their freedoms.

    • June 24, 2010 at 5:27 am | #2

      That is my hope as well. I just hope enough people let their voice be heard before it’s too late. Thanks for your comment.

  1. August 11, 2010 at 7:09 am | #1
  2. August 12, 2010 at 6:24 pm | #2

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: