Cybersecurity castles in the sky ('The National Interest', USA)

Cybersecurity castles in the sky ('The National Interest', USA)

Any computer in the world can be hacked. Not a single computer, be it a personal computer in your home or a workstation of the director of the CIA in his office, can be completely protected from cyber penetration. Despite all the talk about cyber defense and the billions of dollars allocated to improving security in the public and private sectors (only the Pentagon allocated 2012 billion dollars in the 3,2 year), the PIN of your bank account and secret documents in President Obama’s computer remain vulnerable. The main difference between these objects is the number of people with the necessary skills, time and money to defeat these potential targets.

There is a common misconception that you can ensure perfect cybersecurity if you invest in the protection of sufficient funds and reasonably use access restriction procedures. The harsh truth is that we live in an era of superiority of offensive potential in cyber attacks. For example, experts who test the stability of a computer system in our country say in private conversations that they successfully crack it in 99 percent of cases, and that the remaining amount of time and money is decisive in the remaining 1 percent. There was such a famous and rather controversial principle of the air force: "the bomber always breaks through." The sobering fact of the present state of cyber security is that "a hacker will always break through." And in the foreseeable future, a cyber attack will have no equal.

According to some reports, one of our most protected national secrets - advanced technology for the multipurpose F-35 stealth bomber may have already been stolen by hackers from China. Available data show that they did not overcome the Pentagon’s defense, but extracted information through the penetration of nine defense contractors into computers at once. As a result, we can spend hundreds of billions of dollars and put the future of our air force on a plane, the drawings of which our opponents have apparently already stolen.

A defense contractor should be a highly protected target that is most likely impossible to crack. Unfortunately, the number of companies that cyberspies have successfully penetrated is alarming. BAE Systems, Verisign, Citi, Booz Allen, Google and NASDAQ topped the list of victims, and all this only in the past two years. And since most companies and government agencies are silent about successful cyber attacks, the true number of victims is probably much higher.

The recent disclosure of details of the origin of Stuxnet and its penetration into the highly secure Iranian nuclear center in Natanz provides a clear example of the current superiority of offensive cyber operations. The US examples mentioned above should also serve as a sobering reminder that Iran is not the only country whose sophisticated cyber defense system is vulnerable to a well-equipped and highly motivated state opponent.

In the light of this state of affairs, does cyber defense make any sense at all? Yes, cyber defense, even if it cannot provide us with absolute security, plays an important role. According to information from Verizon, 96 percent of hacks are successful due to the fact that poor protection makes penetration very easy. In fact, most cyber threats create low-level bots, Internet probes that have flooded the Internet in search of promising objects. As President Obama warned recently, too many companies are poorly protected, and some are deprived of “even the most basic protection: a good password. It endangers our public and national security. ” Improving security will improve the degree of reflection of such primitive attacks, freeing up time for defenders to focus on more sophisticated threats to their expensive assets.

Such attention to basic security will reduce the number of successful cyber-attackers from millions of smart hackers to a handful of suspects with the resources and desire to attack cyber-resistant systems. The stronger the defense, the more money, time and skills needed to overcome it.

Politicians must understand the difference: absolute cyber security is a myth, but cyber resistance is achievable and useful.
Dear reader, to leave comments on the publication, you must sign in.
  1. +2
    13 September 2012 06: 59
    Don’t say that, but cybersecurity is a very important issue! It can be called (in a sense) a weapon of mass destruction! One virus can infect all computers in the country, and if military facilities, some mines with ICBMs!
    1. +6
      13 September 2012 08: 12
      By definition, it’s impossible to infect our mines with ICBMs; there’s nothing to infect (I’m not a joke and an insult to our nuclear forces) there are simply no Windows, Dos, Linux. The principle is completely different. Our scientific geniuses took such a step when they calculated it.
      1. Focuser
        13 September 2012 09: 17
        C'mon, they didn’t calculate anything here. Just so the circumstances
      2. 0
        8 October 2012 02: 51
        Quote: Averias
        By definition, it’s impossible to infect our mines with ICBMs; there’s nothing to infect (I’m not a joke and an insult to our nuclear forces) there are simply no Windows, Dos, Linux. The principle is completely different. Our scientific geniuses took such a step when they calculated it.

        Yes, we were lucky with this, everything is probably analog (non-digital), and now there was news about our Russian military operating system and our own military Internet, the boom is hoping that the enemies will not get there.
  2. 0
    13 September 2012 07: 18
    you need to write and draw everything on paper and lock it in a safe. Computers, of course, are needed, but not all their lives have to be digitized. And the amers are worried about their safety - wait for a trick. This, in my opinion, is an axiom
    1. +3
      13 September 2012 07: 38
      Quote: andrei332809

      you need to write and draw everything on paper and lock it in a safe. computers, of course, are needed,

      Other systems are needed, without access to the Internet, to tie everything on computers into a single internal circuit. Iran disconnects its computers from the Internet and probably does it right.
      1. +1
        13 September 2012 07: 49
        I don’t understand computers. I only know to slip a piece of paper, I need to pick it up in my hands.
  3. mar.tira
    13 September 2012 07: 21
    The Americans were worried when they began to act against them using their own methods. Of course, it is necessary to observe elementary security measures for everyone. Including us. And introduce the most modern in the troops. As they say, the avaricious pays twice. Although our leaders understood this after a little war with Georgia! And they began to move their brains.
  4. 0
    13 September 2012 07: 34
    Hello to all.
    Again the panic -aaaaaaa, right now we are cyber-raped.
    Let's not forget - the Americans were the first to start cyber .... research.
    screaming, screaming ... about threats, but nevertheless "cloud" technologies were again the first to start using amers.
    Hey, let's put secret documents on a heap of safes - one sheet in one, another folder in the other.
    Relatively speaking, porters will come - they will take out the safe. Where are the secrets?
    The article itself is already an attack. Cyber ​​attack.
    For countries with computer literacy and non-NATO.
    Hand on heart - will you name a lot of these?
    And all business.
    1. Denzel13
      13 September 2012 16: 16
      Igarr, it turns out FAPSI + a few more "offices", of which not all government officials eat bread in vain? It is interesting to Kaspersky for what the award was presented in the Kremlin and why, when his son was kidnapped, the FSB was dealing with this issue, and not the police with an investigative committee?
      1. 0
        14 September 2012 20: 56
        once again ..
        they consider me - cyber by ... whist
        Even in conversations with superiors - I see that they perceive me differently - as I stated (in my vision).
        Comes ... the clerk ... explains my position - everyone understands everything.
        After that - enthusiastic applause, turning into a standing ovation.
        He ... a clerk, that is, - it happened and hung a tin.
        I am reprimanded.
        What the heck?
        They stole the son of Kaspersky ... X-x-x-x-x-y-yy!
        "..That's what guys ... I won't give you a machine gun." ... White sun of the desert. Vereshchagin.
  5. 0
    13 September 2012 07: 56
    there, now they’re interviewing me about the box. The old songs are not against Russia, they did not invite NATO observers to the exercises in the Caucasus, and Georgians have every right to membership in the alliance
  6. Kaa
    13 September 2012 10: 41
    "Politicians need to understand the difference: absolute cybersecurity is a myth." It would be good if the apologists of network-centric wars, the massive use of shock UAVs and other sophisticated devices are aware of this. These are some of the many useful elements military tactics, not some kind of wunderwafe. Hollywood is widely involved in UWB politics. Let us recall the children's TV series "Star Wars". Nice, interesting, I don't argue. Further, this is being introduced into the mass consciousness and the idea of ​​star wars against the evil empire - the USSR, uttered by former film actor Reagan no longer looks like paranoia, we shoot the series of "Terminator" - oh, what kind of UAVs are smart, cruel and effective, we translate them into the 3rd part creation closer to our time - and everyone is sure that this is real and so it will be. Now it is possible to drag money from the budget (senators are also people, they watch films, in their minds this message is fixed) and scare people all over the world, the main thing is that the distribution of films is wider. Military reality is mixed with virtual reality, in the minds of complete confusion and vacillation - which is what was required to be obtained.
  7. 0
    13 September 2012 11: 28
    They all lie.
    If everything was a "question of money", then banks, for example, would not be able to sleep well - there are a huge number of idiots in the world who dream of breaking a bank, but all known cases of hacking are a human factor (when a fired employee or someone else from the staff helped the intruders).
    Mass infection of computers is again a human factor - people themselves bring viruses on flash drives or run programs that come by mail or download them from the Internet.
  8. 0
    13 September 2012 15: 44
    Yes, even too much dependence on the Internet ...