Business Technology: In The Cybersecurity Wars, The Good Guys Are Losing - InformationWeek
09:26 PM
Bob Evans
Bob Evans
Building Security for the IoT
Nov 09, 2017
In this webcast, experts discuss the most effective approaches to securing Internet-enabled system ...Read More>>

Business Technology: In The Cybersecurity Wars, The Good Guys Are Losing

"The worst is not/So long as we can say, 'This is the worst.'" -- King Lear

News Item, June 2: The population of new viruses released on the Internet hit a 30-month high in May, according to an antivirus vendor.

News Item, June 1: One of the world's largest computer distributors had its own internal systems broken into by a hacker who gained access to Social Security numbers, national ID numbers, and passport numbers for U.S. employees and their beneficiaries.

News Item, June 1: "Even the makers of Wi-Fi routers, access points, and other gadgets privately say that as many as 80 percent of home users don't bother to enable basic encryption or other protections against connection theft, eavesdropping, and network invasion."

News Item, May 28: Cyberattacks penetrated the networks of 83% of financial-services companies responding to a survey, more than double the number from one year ago.

News Item, May 28: The Federal Deposit Insurance Corp.'s systems are riddled with security weaknesses that could lead to unauthorized disclosure of financial data, disruption of operations, and loss of assets.

Wow. Bad week, eh? It would seem so--almost 1,000 new viruses unleashed in one month, massively exposed home wireless networks, most banks and brokerage companies getting hacked, and then there are the gaping vulnerabilities at the outfit whose sole purpose is to safeguard our bank deposits. But does this accumulation of problems equate to "bad" anymore? I'm not so sure--instead, I think this is the muck and filth we're all swimming in all the time these days. I think these appalling trends are maybe becoming much less appalling in the minds of many of us these days because they're no longer the exception--they are the norm. We read about them, we raise our eyebrows, we puff out a little sympathy for the targets, and we try to mutter, "There but for the grace of God go I," but instead it comes out as, "Better them than me."

Other Voices

I'm sorry. I've been crying. And I can't stop. ... I read Mr. Phillips's moving story about Cpl. Dunham's selfless heroism. I lingered on his every word, every moment, every explosion, every turn for the worse, every hope for survival. Then the devastating news: "At 4:43 p.m. on April 22, Marine Cpl. Jason L. Dunham died." ... I hope and pray that all of us who have basked in the glorious financial excesses of modern-day managers' capitalism will take a brief timeout from all of our getting and our self-important lives, get down on our knees and say a prayer for those who have given--sadly, on our behalf--what Lincoln called "the last full measure of devotion." Maybe then my tears will dry. But I hope not.

-- The Wall Street Journal letter to the editor from John C. Bogle, founder and former CEO of The Vanguard Group, May 28

All the while, businesses of every kind are interlacing their operations more tightly with those of their partners and suppliers and customers and suppliers' suppliers and customers' customers and partners' partners, and that means more external network connections, and that means more potential points of vulnerability. But what's the alternative--disconnect from the world? No, that's not an option, so we need to realize that as bad as the problem is now, our increasing need to open up, to connect, and to share information will only make it more vexing and challenging. Nevertheless, doing nothing is not an option.

And while we're airing the stinky laundry, I think the time has come to fess up: the Bad Guys are winning. We are being beaten by the loathsome-bastard hackers, saboteurs, thieves, spammers, and other scum who so blithely violate our laws and drive up our costs and put others in danger by maliciously and knowingly attacking and abusing networks and systems. The ugly truth is that these bad guys are getting better at their malicious tricks faster than we are able to devise ways to block them. We have become a business community whose sole battle strategy is a recipe for disaster. We constantly fight yesterday's war, patching and securing and working around the havoc they created yesterday without devoting nearly enough energy or time to two objectives that are essential in winning tomorrow's war: first, learning to anticipate their next moves and actively taking preventive steps against them before they happen; and then pursuing, arresting, prosecuting, and punishing these criminals to the fullest extent of the law.

Oh, sure, there are some victories out there, such as the sentencing last week of the "Buffalo Spammer" to up to seven years in prison for violating New York state forgery and identity-theft laws in scams that enabled him to pump out an estimated 850 million--850,000,000!!--spam E-mail messages in two years. But tell me--since this reprobate has been out of commission (giving him time and opportunity to make his titular transition from "Buffalo Spammer" to "Spammer in the Slammer"), has your spam box been lonely? Is it taking any longer to reach a few hundred messages?

And here's where this gets *really* depressing: I think it's going to get worse before it gets better, and the reason behind my pessimism is that I think plaintiff attorneys are going to get a whiff of this chaos and when they do they are going to descend on this business like horseflies on cow pies in Ju-ly. Given their nature, why wouldn't they? Let's take a look at a parallel situation: You go to a bar and have a few drinks, and then foolishly a couple more. Then you leave and stupidly get behind the wheel of your car, and a few minutes later you total your car by wrapping it around a telephone pole, and you bust some ribs and cut your face but you're alive. What do you do? You sue!! You sue the bar where you got yourself drunk and the bartender who poured the drinks and the liquor company that made the stuff, and every step of the way your lawyer-babysitter is right there with you, patting your hand and cooing in your ear about your victimhood and how you deserve justice from the meanies who jammed that bottle down your throat. Exaggeration? Not in this madly litigious country.

1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of IT Report
In today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll