The Media used this terminology in the aftermath of the Trump election: “Russia hacked our electoral system during the 2016 election.” One presenter at the Yale Cyber Leader Forum I attended explained that in actuality, our electoral system was not hacked.
What actually happened is that Russia used Facebook and other social media to propagate fake news stories about Hillary Clinton. They perpetrated identity fraud to do this. Interestingly, these events were not seen to be a failure of the US government but rather a problem with social media. Separating the fake news from legitimate information is a massive challenge. And separate from cyber-attacks.
There are more and more cyber-security companies but the number of breaches isn’t going down. Only 20% of cyber security budgets go towards prevention.
Hackers are ever more sophisticated. Malware can be delivered in a video download. An innocent sounding e-mail will have a subject heading like “Look at these cute cat videos” and a link to download a corrupted video.
The US government has been reactive rather than proactive in its approach to cyber-attacks. One Yale Forum expert believes we should also “degrade the potential of adversaries to harm us.”
During another Forum break, the owner of a cyber security company explained he had to go through great lengths to get his employees to use encrypted email. The irony was not lost on him.
What about the future?
Yale experts made the following predictions:
- There will be more and more digitization of our lives.
- The Internet of Things (the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity enabling them to operate within our existing Internet infrastructure,) will continue to grow and permeate every facet of our existence. Devices are going to go from being outside of our bodies to inside our bodies. One expert wondered about the risk of soldiers going on a training run while wearing a fitness tracker.
- More and more of our data will move to the cloud. (The cloud refers to software and services that run on the Internet, instead of locally on your computer. Think Spotify.)
- Identity theft will become easier as we will develop products that can perfectly imitate our voices and other aspects of our individuality.
- Compliance with cyber-security needs to be easier. Is there an equivalent to putting all the smart phones in a lead box before entering the meeting room?
- We may never be ahead of the adversary.
- The disaster of the future will be a cyber-attack.
So what can we do? I answer that question in the 4th and final post in this series.
No comments:
Post a Comment