You are here

Cybersecurity

The Open Internet's Growing Security Problem -- Part IX

New evidence continues to spotlight the Open Internet's growing security problem. 

  • The growing catalogue of evidence from mainstream sources is getting harder and harder to ignore. See previous parts of the series:  I, II, III, IV, V, VI, VII & VIII.

"Internet security threat report finds malicious activity continues to grow at a record pace -- Web based attacks evolve as hackers target end-user information; Underground economy continues to thrive." Symantec

Is an Open Internet a Secure Internet? Open Internet's growing security problem -- Part VIII

High profile Internet security/safety/privacy problems continue to spotlight the Open Internet's growing security problem.

"Computer hacking attacks soar as gangs focus on financial data" -- FT

  • "Computer hackers stole more sensitive records last year than in the previous four combined, with ATM cards and Pin information growing in popularity as targets, according to a study..."

"Computer Attackers target popular sites in quest for profit" IBD

  • Symantec...  "found new varieties of malware rose 265% last year vs. 2007."
  • "This is about fraud and theft — I don't think there's any doubt in anyone's mind," said Dean Turner, director of Symantec's global intelligence network unit. "Where this is headed is not good for anybody."

"Computer Spies Breach Fighter Jet Project" WSJ

  • "...He spoke of his concerns about the vulnerability of U.S. air traffic control systems to cyber infiltration, adding "our networks are being mapped." He went on to warn of a potential situation where "a fighter pilot can't trust his radar."

"New Military Comand to Focus on Cybersecurity" WSJ

Why Isn't the Conficker Threat on FCC's Radar? -- Open Internet's Growing Security Problem -- Part VII

Why is one of the most-serious identified internet/cybersecurity risks currently affecting the Internet and network operators not on the FCC's radar screen?

  • More specifically, why does a search of the FCC's website for the term "conficker" return zero results? (see below)

 

Search Results

  Start new search Search ›› Advanced Search | Tips        
Your search conficker returned no results.

 

 

A Google search on "conficker"returned 4.86 million results.

The Open Internet's Growing Security Vulnerability Problem -- Part VI in a Series

The open Internet's inherent vulnerability to bad actors made the front page of the Wall Street Journal today in an important-to-read article: "Electricity Grid in U.S. Penetrated by Spies." 

Now we better can much better appreciate why Senate Commerce Committee Chairman Rockefeller is so concerned about cybersecurity and committed to making protection of the Nation's critical cybrastructure a much more urgent priority for the Internet.

The WSJ article hit the core internet problem on the head in the article -- its a lack of accountability:

  • "It is nearly impossible to know whether or not an attack is government-sponsored because of the difficulty in tracking true identities in cyberspace."

This problem in this article spotlights why cybersecurity and online safety are very real and pressing problems on the Internet today. It is surprising and alarming why there is not as much public focus on the very real problems of the Internet as there is on potential unproven Internet problems.

Part V

Lessons from Sweden's Illegal File-Sharing Crackdown

Wow. Daily Internet traffic in Sweden immediately fell more than 40% after a new Swedish law went into force cracking down on illegal file-sharing. The new law obligates ISPs to to report the IP-addresses of suspected copyright violators to copyright owners.

  • Per an AP story: "Statistics from the Netnod Internet Exchange, an organization measuring Internet traffic, suggest that daily online activity dropped more than 40 percent after the law took effect on Wednesday. Henrik Ponten of the Swedish Anti-Piracy Bureau welcomed the plunge in Internet traffic as a sign that file-swappers are reducing their activity for fear of getting caught. "There's no other explanation for it," he said."

 

Seldom is there such glaring evidence of direct cause and effect between a policy-change and behavior-change on the Internet. To the extent that this initial effect is lasting and proves applicable to other nation's circumstances, what can we learn from this Swedish precursor/example?

Lesson 1: It proves people act more responsibly on the Internet when there is an increased liklihood of getting caught and prosecuted for illegal behavior. More accountability equals more deterrence.  

Lesson 2: It may turn out to be much cheaper and more effective for the U.S. to simply enforce copyright law than to continue overbuilding bandwidth capacity in order to keep pace with the near bottomless bandwidth appetites of the very small minority of users that are serious illegal file-sharers.

Why All Innovation Is Not Good

My point here is not at all anti-innovation, but simply that all innovation is not good, because innovation is a means not an end. People can innovate for both good, and bad, purposes. 

  • Cyber-criminals, hackers, predators, terrorists and other malfactors, constantly innovate on the open Internet with malware, viruses, spam, botnets, p2p piracy and phishing, denial of service attacks, etc.
  • Cyber-security experts marvel at the innovation and ingenuity of these multiplying malfactors.    

My big point here is that the push for the Government to maximize innovation by mandating an "open Internet" is a knife that can cut both ways. Just like an open Internet enables well-intentioned innovators, it also can enable innovative cyber-crooks and bad actors. 

Anything good can become bad or a problem, if it is taken to excess.

The Open Internet's Growing Security Problem -- Part V in a Series

Evidence continues to mount that the real problem on the Internet is that it is not as safe and secure as it needs to be -- not that it is not open enough. (Parts: I, II, III, IV

"Cyber Security: The Achilles Heel of U.S. Might?" Washington Post

  • "...the fact that the nation's cyber vulnerabilities continue to grow, and fast."
  • "Both the high-profile attacks and more routine infiltrations have shed light on the vulnerability of critical information infrastructures. For example, the Defense Science Board noted that the U.S. military's information infrastructure is the "Achilles' heel of our otherwise overwhelming military might."

"Smart Grid May be Vulnerable to Hackers" CNN

  • "A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout."

'Website-infecting SQL injection hitting 450,000 a day" USA Today

The Post Office Does "Deep Package Inspections" Without Privacy or Free Speech Problems

Free Press in its latest report: "Deep Packet Inspection: The end of the Internet as we know it?" continues to mischaracterize "reasonable network management" practices (that ensure quality of service and filter out harmful traffic like spam, viruses, and other malware) as bad practices and misuse of technology that threatens users' privacy and freedom of speech.   

It is inaccurate and unfair to mischaracterize reasonable network management this way.

The Free Press report uses a common analogy about "deep packet inspection" (DPI) technology. It analogizes that use of DPI technology by an ISP would be like the post office going beyond reading the address of a letter and looking inside the letter to read the private contents.

  • This partial analogy is designed to lead people to believe that DPI is only a privacy-invading technology without any merit or useful function. 

Let's explore the letter and post office analogy more fairly and accurately.

Chairman Rockefeller elevates cybersecurity to a major priority -- Protecting the cybrastructure

The cybrastructure is everything that can be digitally connected to the Internet, and the cybrastructure is increasingly vulnerable to cyber attack from hackers, criminals, terrorists and other bad actors. The exploding growth in people, devices, information, and systems connected to the Internet, naturally creates an exponential increase in vulnerabilities that bad actors can exploit.  This makes cybersecurity an increasingly urgent priority. 

  • Many think of cybersecurity as protecting users, organizations, computers, devices, and private/sensitive information, but it is much more. More and more, cybersecurity is about protecting critical systems too; our banking, capital markets, and e-payment systems; our electrical grid and utilities; our health care infrastructure; our public safety and military systems; etc. -- that all can be accessed or hacked by a wide variety users, organizations, computers, and devices. 
  • The cybrastructure now is the vulnerable soft underbelly of our economy and society.   

Fortunately, the security and safety of the cybrastructure is finally getting the priority attention it deserves.   

The Open Internet's Growing Security Problem -- Part IV in the Series

Evidence continues to mount that the real problem on the Internet is that it is not as safe/secure as it needs to be -- not the popular neutralist myth that it is not open/neutral enough. (Parts: I, II, III)

  • I would be surprised, if the succinct evidence that I have assembled below, does not deeply trouble the reader.  
  • Moreover, it is also troubling that there is not more focus on the real and increasing problem of Internet safety/security because there is so much attention focused on making the Internet even more open and vulnerable than it already is.    

The Mounting Evidence of a Growing Internet Security Problem:

Pages

Q&A One Pager Debunking Net Neutrality Myths