The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
So what’s it worth to you to prevent world-wide economic collapse, or even a major interruption of essential services, like power or water?
These are not hypothetical questions. Nor will they be caused by the Eurozone disaster, a double-dip recession, the disintegration of institutions deemed “too big to fail,” or government spending run amok.
I am talking about cybergeddon—or the endgame of cyber warfare. A concept well-worn in national security organization conference rooms and the situation rooms of nations around the globe. It is somewhat newer to the front page of The New York Times, which has recently featured several investigative reports regarding Stuxnet and Flame, two potent worms created for international espionage that got loose and went viral.
We all know the hackers are out there. That’s not going to change. The question is this, can we change the dynamic? Or more to the point, can we hire them—a whole lot of them? Simply put, how much should nations pay to build a cyber army (both civilian and military) of “white hat” hackers and talented computer security experts with the skills to out-hack or “out-code” the legions of nation state-sponsored or politically-motivated cyber terrorists sworn to destroy our way of life?
Everywhere we turn, there are reports of public and private sector breaches and compromised data. The SEC requires publicly traded companies disclose data breaches, and especially when intellectual property is stolen. Even when the forces of good arguably get it right, unintended consequences and leaks jeopardize the results.
Stuxnet is just one example. Written by American and Israeli spy agencies to sabotage Iran’s nuclear enrichment facilities, it at least partially succeeded in its mission, The New York Times revealed early this month. Unfortunately, its creators did not account for the possibility that it might escape. It did. In fact, both Stuxnet and Flame escaped. The result is scary: the bad guys have these worms and can use them.
The Stuxnet story became public in 2010 because a programming error enabled it to leap out of its confines and circumnavigate the globe via the Internet.
Two days after the recent Times article, came the report about Flame, another international spy-grade superbug. This one had compromised the Fort Knox of software companies: “Microsoft told customers that the authors of Flame—a highly sophisticated surveillance computer virus discovered on networks in the Middle East and Iran—had figured out how to use Microsoft’s own security system to forge digital security certificates, which then allowed the malicious code to spread undetected by anti-virus programs.”
There are lessons we can draw from these stories. None of them are particularly comforting.
No one really knows how this story will play out, but the trends all seem to be heading in a pretty scary direction. One thing is clear: The Cold War concept that Mutual Assured Destruction keeps super-power missiles in their silos doesn’t apply here.
I have one recurring nightmare: What if an anti-everything organization (let’s not pick on anyone unnecessarily) managed to create a network of believable hackers and pay them well, and these hackers, the best in the world, were joined together to shut down part or all of our critical infrastructure? There would be an economic meltdown the likes of which has never been seen.
After almost a decade of increasingly sophisticated and large data breaches, hackers are sitting on a huge amount of information about you and me, literally hundreds of millions of records—our names, passwords, contacts, account numbers, and everything else needed to destroy a person’s professional and financial life. They know where we live, and they can drain bank accounts, turn off the lights and max out our credit cards with the tap of a key. And what’s to stop a consortium of like-minded anti-everythings from hitting that key?
Furthermore, some well placed sources have told me that the Department of Homeland Security struggles to recruit talented people who are US citizens and can pass the rigorous background screening required to obtain the appropriate security clearance because historically more bucks and bragging rights are on the side of institutional breaches than in public service (This 2010 study from the Center for Strategic & International Studies elaborates on these struggles). Maybe it’s time to pay so much money that loyalty is assured from non-citizen warriors.
Unlike the China, India, Pakistan, and Eastern European nations, who may at some point be aligned against our interests and where the problem is taken very seriously, according to international standardized test scores, the United States is not making the appropriate investment to encourage our kids to get into the hard sciences, math, engineering and critical thinking academic disciplines which are fundamentally essential to fight this digital war.
If we’re serious about getting the best and the brightest, we must do what it always takes to get the best of the best: educate them, nurture them and pay them top dollar. One friend told me many years ago that you can’t beat Wall Street social irresponsibility; you can only join the club. Right now, our society pays a king’s ransom to the wizards of finance and social networking, but nowhere near enough to the real engineers who are so desperately needed. And without the latter, there will be no need for the former.
Wouldn’t you agree that appropriately educating, nurturing and hiring the world’s best hackers to protect us from those with similar skill sets is at least as important to the world economy as hiring wunderkind lawyers to protect America’s corporations?
There is simply no alternative. How long could the world economic system last without the Internet? Without electricity? Let’s stop screwing around and seriously invest in top hacking talent now, so we never have to find out.
Image: mikael altemark, via Flickr
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams