- SUPPLY CHAIN SECURITY: That horse has already left the barn. They talk about software supply chain security. I would add to that the firmware and hardware supply chain. And the large number of people with access to Adobe's source code management system is just the tip of the iceberg. When the director of the FBI publicly asks Silicon Valley vendors to build in back doors, causing Russia and the Iranians to mistakenly think their salvation is open source software, I would contend that the supply chain is hopelessly corrupt right now.
- CONSUMERIZATION OF IT: "The trend is to bring more and more unmanaged devices into the network," writes one of their quoted experts. USB devices, Wi-Fi connections, Bluetooth, etc. make for more ignorance on the part of all consumers who blither along, trusting their "stuff" to work without conscious security management.
- MOBILE DEVICES: I've been thinking of doing a blog on smart phones. Jailbroken iPhones and hacker's-dream Androids (and associated tablet platforms) are not only easy pickings, but you just have to sit in an airport and grab data as high-income travelers deplane from their first-class seats.
- TARGETED POLITICAL ATTACKS: At the bottom of the scale you have DDoS responses to anti-WikiLeaks firms by script monkeys who don't know they can be caught and prosecuted, and at the top of the food chain we continue to marvel at the sophisticated Stuxnet virus, which has many of the qualities I identify in my 22 Principles for creating the perfect virus. As far as I am concerned the cyber war has already started.
- CYBER WAR: Here is where our current political institutions will NEVER EVER catch up, and where the only workable solution for government as well as business protection is licensed and bonded cyber privateers (yeah I know, you could see this one coming from me a mile away).
The final section of the GCN article is entitled: "On the bright side…" and says in part:
But legal consequences can effectively raise the stakes of engaging in online crime, which until now has been a low-cost, low-risk and high-return endeavor. Fortinet, a vendor of network security appliances, predicts that in 2011, there will be greater international collaboration to shut down the bad guys through the courts.
I call this "whistling in the graveyard" and think the bigger-budget/give-us-more-of-your-tax-dollars approach of a publication supporting the "usual list of suspects" (i.e., the Beltway Bandits) comes to the fore. I'm not optimistic. There is no bright side, at least on this side of fiction. Selah.
Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?