Category Archives: cyberattacks

Protection from Cyberattacks

I have just had to have my credit card replaced because someone hacked into my bank. I had my debit card replaced about a year ago for the same reason. We are subject to cyberattacks everyday, some by hackers who plan to sell info for money and some perhaps by terrorists. Every time the internet shuts down or some part of the internet shuts down, however temporarily time and money are lost. Records may also be lost. Here is what Kevin Coleman had to say in Directions Magazine:

”If you look at the projected eCommerce number for this year, the Internet being down for just one day could disrupt nearly $6.5 billion worth of transactions. More than just eCommerce transactions flow over the Internet. eMail, voice communications, some banking machines, credit card authorizations for physical stores and the list goes on and on. Information is the life blood of commerce, regulatory oversight and even social status. The importance of the information and the ability to access it, transfer it and act upon it has increased to the point that it is unfathomable for all but the smallest of businesses to operate without computers or networks. As the value of the computing infrastructure increases so too does the value of disruption. The financial implications are one thing, but the psychological impact of the Internet disruption could be even more damaging.

How likely is this to happen? It is not, if it will happen, but when. The likelihood of a cyber terrorism attack disrupting the Internet increases every day. The increased reliance on the Internet by business, government and society has made it a prime target for terrorist intent on disrupting our economy and way of life.”

It is not just commerce that is controlled by computer. The power grid uses the internet, our government uses the internet, our transportation system uses the internet even our energy resources and water are often routed using the internet. We have not designed the kinds of systems we need to put to rest our fears of terrorist cyberattacks that could create serious problems for the US in the short term. We used to have redundancy because we backed everything up on paper and we could switch back and forth between “old school” methods for conducting our business to more high tech systems.  However, we have come to have faith in computers because they are simpler to operate, they offer filing options that take up little or no physical space and they can be updated and corrected more simply than was often the case when we were pencil pushers. But if everything is in the “cloud” and the cloud disappears we have no backup paper trail. If the grid is shut down we can’t easily switch back to the old grid that was maintained by people; it takes days or even weeks to repair damage to electricity sometimes. Most of us have no generators to keep things moving if the grid is shut down. It is a fear we all keep in the back of our minds.

What are the solutions to keeping unwanted people out of our computers? Here is what Mr. Coleman had to say in Directions Magazine:

“Corporate America must be forced to wage an all-out war against cyber terrorism. Securing the information infrastructures will require a substantial effort on everyone’s part. Close collaboration between government and the private sector is critical. Even more critical is the close collaboration within the computer, networking and software industries. These industries must work closely and continue efforts to enhance technology security capabilities. Security is designed in, not added on. Until the weakest links in the network are protected we all are vulnerable and may be impacted. The government sector must institute tougher penalties for cyber crimes and increased funding for law enforcement efforts to fight it. Easier said than done. This must be accomplished with a high degree of collaboration globally. Getting countries to agree on anything these days seems to be an almost unachievable task. Is cyber terrorism the shape of future conflict? Is a digital underground developing right now? Will our scientists, software engineers, and technical resources be able to stay one step ahead of these faceless terrorists? Only time will tell!”

He simply tells us what we need to do. Carol Y. Yang writing The Protection of Public Facilities against Terrorist Attacks, March, 2005 suggests that some work has already begun:

“The Homeland Security Advanced Research Projects Agency (HSARPA) launched a Small Business Innovation Research (SBIR) program in December 2003 to encourage small businesses participate in federal R/R&D programs that can bring creative technologies and solutions to the mission of homeland security. HSARPA plans to issue various requests for research and development projects twice each fiscal year to meet DHS operational requirements, and develop innovative options. Programs in research, testing and evaluation, enacted in cooperation with universities, fellowship programs and national laboratories, include studies in terrorists’ social behaviors, detection of biological/chemical weapons, threat assessment and decontamination, radiological forensics, and cyber-technology.

Recognizing the urgent challenge of homeland defense, many American companies and other institutions have dedicated their efforts to ongoing research. For example, the University of California at Berkeley and Stanford University have joined the project on Recovery-Oriented Computing to improve response to computer incidents. Some companies—including Cenus Technologies, IBM, Hewlett Packard, Intel, and Sun Computer Associates—are developing self-configuring, self-protecting, self-healing autonomic computing technology for security systems at ports and bay areas.

The Science and Technology Directorate, the primary R&D unit of the DHS, is continuing to transfer cutting-edge technological resources to federal, state, and local officials in order to strengthen the capabilities of protecting the homeland. In the future, science and technology will serve as intelligent tools for national security.

If this is the extent of the progress we have made in thwarting cyberattacks then I believe we need to invest a bit more time, effort, and money in this. Maybe every time we identify one of those hackers who is stealing our identity we should offer a deal if they agree to join a task force dedicated to protecting us from terrorist attacks on important daily functions that are controlled by the internet. If they are successful not only will they avoid prison, they will get paid; paid very well, and we will all be safer.