Cybersecurity For Dummies. Joseph Steinberg
Чтение книги онлайн.

Читать онлайн книгу Cybersecurity For Dummies - Joseph Steinberg страница 13

СКАЧАТЬ be extrapolated from the aforementioned data.

      All these changes have translated into a scary reality: Due to societal shifts, evildoers can easily launch much larger, more sophisticated social engineering attacks today than they could just a few years.

      Economic model shifts

      Connecting nearly the entire world has allowed the Internet to facilitate other trends with tremendous cybersecurity ramifications. Operational models that were once unthinkable, such as that of an American company utilizing a call center in India and a software development shop in the Philippines, have become the mainstay of many corporations. These changes, however, create cybersecurity risks of many kinds.

      The last 20 years have seen a tremendous growth in the outsourcing of various tasks from locations in which they’re more expensive to carry out to regions in which they can be accomplished at much lower costs. The notion that a company in the United States could rely primarily on computer programmers in India or in the Philippines or that entrepreneurs in New York seeking to have a logo made for their business could, shortly before going to bed, pay someone halfway around the globe $5.50 to create it and have the logo in their email inbox immediately upon waking up the next morning, would have sounded like economic science-fiction a generation ago. Today, it’s not only common, but also in many cases, it is more common than any other method of achieving similar results.

      Of course, many cybersecurity ramifications result from such transformations of how people do business.

      Data being transmitted needs to be protected from destruction, modification, and theft, and globalization means that greater assurance is needed to ensure that back doors are not intentionally or inadvertently inserted into code. Greater protections are needed to prevent the theft of intellectual property and other forms of corporate espionage. Code developed in foreign countries, for example, may be at risk of having backdoors inserted by agents of their respective governments. Likewise, computer equipment may have backdoors inserted into hardware components — a problem the U.S. government is struggling with addressing as this book goes to print.

Hackers no longer necessarily need to directly breach the organizations they seek to hack; they merely need to compromise one or more of the organizations’ providers. And such providers may be far less careful with their information security and personnel practices than the ultimate target, or may be subject to manipulation by governments far less respectful of people’s rights than are the powers-that-be in the ultimate targets’ location.

      Political shifts

      As with advances in technology, political shifts have had tremendous cybersecurity repercussions, some of which seem to be permanent fixtures of news headlines. The combination of government power and mighty technology has often proven to be a costly one for ordinary people. If current trends continue, the impact on cybersecurity of various political shifts will continue to grow substantially in the foreseeable future.

      Data collection

      The proliferation of information online and the ability to attack machines all over the world have meant that governments can spy on citizens of their own countries and on the residents of other nations to an extent never before possible.

      Furthermore, as more and more business, personal, and societal activities leave behind digital footprints, governments have much easier access to a much greater amount of information about their potential intelligence targets than they could acquire even at dramatically higher costs just a few years ago. Coupled with the relatively low cost of digital storage, advancing big data technologies, and the expected eventual impotence of many of today’s encryption technologies due to the emergence of quantum computing and other cutting-edge developments, governments have a strong incentive to collect and store as much information as they can about as many people as they can, in case it is of use at some later date. It is more likely than not, for example, that hostile governments may have already begun compiling dossiers on the people who will eventually serve as president and vice president of the United States 25 years from now.

      The long-term consequences of this phenomenon are, obviously, as of yet unknown, but one thing is clear: If businesses do not properly protect data, less-than-friendly nations are likely to obtain it and store it for use in either the short term, the long term, or both.

      Election interference

      A generation ago, for one nation to interfere in the elections of another was no trivial matter. Of course, such interference existed — it has occurred as long as there have been elections — but carrying out significant interference campaigns was expensive, resource-intensive, and extremely risky.

      Manipulating voter registration databases to prevent legitimate voters from voting and/or to allow bogus voters to vote was extremely difficult and entailed tremendous risks; someone “working on the inside” would likely have had to be nothing short of a traitor in order to have any real significant on election results. In a country such as the United States, in which voter registration databases are decentralized and managed on a county level, recruiting sufficient saboteurs to truly impact a major election would likely have been impossible, and the odds of getting caught while attempting to do so were likely extremely high.

      Likewise, in the era of paper ballots cast in person and of manual vote counting, for a foreign power to manipulate actual vote counts on any large scale was impractical, if not impossible.

      Today, however, the game has changed. A government can easily spread misinformation through social media at an extremely low cost. If it crafts a well-thought-out campaign, it can rely on other people to spread the misinformation — something that people could not do en masse in the era of radio recordings and printed pamphlets. The ability to reach many more people, at a much lower cost than ever before, has meant that more parties are able to interfere in political campaigns and can do so with more efficacy than in the past. Similarly, governments can spread misinformation to stir up civil discontent within their adversaries nations and to spread hostility between ethnic and religious groups living in foreign lands.