Thursday, April 23, 2009

Digital Security, or lack-there-of?

Do I pay too much attention to the digital security, or are there more threats today than ever before; not just statistically speaking - (i.e - accounting for the growth of computers per person/business, etc.), but an actual percentage increase of attacks and breaches per day? To clarify : I am not in the security field in any form, but I have always had a fondness for who/what/when/where/why and how. I don't seek out that news, but rather come across it often in the stories I read and the sites I visit. Some of the main sources being Slashdot the place of "News for Nerds. Stuff that matters." and Wired, but not just there... everywhere - NPR, CNN, FOX, etc. I really don't recall the stories being there 5, 4, heck 2 years ago and now the "cyber-crime" stories are not only making the evening news, but headlining often. The difference being - I don't have to seek it out anymore, it exists in the mainstream media. Unlike the "Free Kevin" days where stories (and people) were swept under the proverbial rug and the media looked the other way - it seems that a week does not go by without a school server hacked, a bank that is breached or a 911 center that is spoofed.

Maybe I am uber-sensitive now or maybe - we exist in a severely over digitized and under-secured operating environment. To me there seems to be a lack of checks and balances in the implementation of OS' department... where U.S. Navy communications satellite FLTSAT-8 can be taken by Brazilian home-brew equipment and used for a soccer game re-broadcast and a generally "open" CB channel to chat on. It exists when the Pentagon's $300 billion Joint Strike Fighter project is compromised by Chinese computer spies. Do you have to worry about the FBI's CIPAV spyware being injected to your system on a daily basis, because the tucked it into an affidavit?

Here is a great story on this topic : Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the U.S.

We are now in a world, where-in security professionals suggest not to use Adobe Reader, because of the targeted attacks that all to often actually take place on it.

More on the physical security end of the digital insecurity spectrum... and I quote Bruce Perens "A Cyber-Attack on an American City"
Just after midnight on Thursday, April 9, unidentified attackers climbed down four manholes serving the Northern California city of Morgan Hill and cut eight fiber cables in what appears to have been an organized attack on the electronic infrastructure of an American city. Its implications, though startling, have gone almost un-reported.


That doesn't lend to my main point of "more mainstream" attention... but needed to be thrown in anyways.

Alright, okay... I can't imagine anyone made it this far into my babbling - but if you did, I am finsihed now
:)

/soapbox

----

UPDATE :
Hackers Broke Into FAA Air Traffic Control Systems
by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)