As I read the discourse, I can't help but realize that cyberwar is the new front. What I find striking about China attacking the NY Times is why? CCTV does some great work with a Worldwide audience which puts American Media (including the mighty New York Times) to shame. I can understand attacking companies for their IP (products/etc.). I am enough of a realist to realize that the "real world" is different. A friend of mine had his personal computer hacked from Germany as they began stealing from his computer and he engaged an Indian Hacking Firm that tracked them down to basically save his computer.
The key is being prudent....but is prudence enough, though?
I remember one of the big security vendors--McAfee?--saying that you could divide the Fortune 500 list into companies which had been hacked, and companies which didn't yet know they'd been hacked.
Isn't that the theory behind the upcoming movie, World War Z? Not that we need a movie to play upon these fears of what, I am sure, is already being worked on.
Cyber-attacks become truly effective when coupled with conventional attacks.
Imagine a cyberattack taking out the power grid? Expensive, and dangerous for people who need power to survive, but the power grid goes down every once in a while and it's not a national catastrophe.
Now imagine 9/11 with the power, phones, and Internet connectivity all out on Manhattan, taken out by a cyber-attack that was coordinated with the physical strikes.
Especially one that -- allegedly! -- has a habit of hacking journalists' computers.
I've got some embarrassing cat pictures on mine that I wouldn't want everyone to see.
Actually, I might as well get proactive here and get out ahead of this thing, just in case.
I confess: I take an embarrasing number of pictures of my cats. And I have five cats. I can't stop myself from adopting cats. The vet bills... the cat littler... the scratching... it's an ugly truth. I'm turning into a cat lady. I've been trying to keep it a secret. I don't have as many people over as I used to. It's starting to interfere with my work -- the cats sit on my keyboard, sleep on my laptop, knock papers to the floor, spill my drinks on everything.
I'm joking now (well, okay, not so much funny ha ha but sad), but when I was based in China I took a serious effort to keep politically sensitive stuff off our computers, and out of our office. If we needed to report something on China that might have caused us problems, I assigned it to reporters based elsewhere -- in India, for example. China does not have a good track record dealing with critical reporting.
There are state-by-state rules, which differ in every state, for disclosing attacks that lead to the loss of private information such as credit card and social security numbers and medical records.
There is also guidance from the SEC that companies must disclose breaches that might have a substantial financial impact.
However, if, say, a company loses a laptop full of sensitive information and it is encrypted, it doesn't need to report it to anybody, since the thieves can't do anything with the data.
There are organizations that gather breach reports in strict confidence, either as part of general security research, or for the purpose of catching the hackers. But participation is voluntary.
The Ponemon Institute released a study in October, in which they reported:
"The companies participating in our study experienced 102 successful attacks per week – or 1.8 successful attacks per organization. In last year's study, an average of 72 successful attacks occurred per week."
That's almost two attacks, PER WEEK, PER COMPANY, that were successful. We don't hear about the vast majority of these.
Making assumptions has started more controversy and physical harm than just about anything else. I guess one would want to be careful with a country that holds trillions of dollars of our debt.
And, at the end of the day, we might never know with 100 percent certainty.
However, there are certain reasons why hackers hack.
1. For financial gain. They hack to steal credit card numbers, or to take over your computer to create a botnet for sending spam.
2. As a protest. Cyberactivists might vandalize a site, for example, or shut down a site with a distributed denial of service attack, in order to protest something or make a political point.
3. To steal information.
Most hackers fall into the first category, and crooks can be found in any country. But the New York Times hack didn't seem to have financial gain in mind.
With New York Times being a high-profile site, it could have been a protest attack, but then someone normally takes credit for it, wants to make a public splash. There was no defacing here,
So we look at the information stolen, which relates to some sensitive coverage of top Chinese leaders -- and there aren't too many groups outside the Chinese government that might be interested in this.
By conflating all these different types of hacking, the Chinese authorities are trying to muddy the waters here.
And, given the publicity that came out of this particular attack, I would expect future government-sponsored hacking attempts to be disguized as one of the other types of attack.
The ThinkerNet does not reflect the views of TechWeb. The ThinkerNet is an informal means of communication to members and visitors of the Internet Evolution site. Individual authors are chosen by Internet Evolution to blog. Neither Internet Evolution nor TechWeb assume responsibility for comments, claims, or opinions made by authors and ThinkerNet bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.
Recently, the Obama administration has been of two minds where privacy rights are concerned. On one hand, you have an administration that vowed to veto CISPA and mandated open data for government websites. On the other hand, you have an increasingly out-of-control Department of Justice on a fishing expedition at AP and demanding legislation to let the FBI wiretap private, encrypted communications and levy fines if a company fails to comply.
The apartment and house sharing service, Airbnb, now requires members to verify their identities by demonstrating a presence on the web, and by either scanning a government ID or entering detailed personal details. Other enterprises should take a close look at Airbnb's verification policies.
Facebook advertising is a lightning rod. It seems neither brands nor consumers are 100 percent happy about the social media site's policies, placement, or procedures. But the real controversy about Facebook ads and promotions is over whether they work.
By now, you've most likely heard about the 3D-printed gun that Texas-based Defense Distributed demonstrated last week. But we haven't heard the last about the censorship war that began soon afterward.
New York's Metropolitan Transit Authority is conducting a pilot test of digital kiosks to guide subway users to where they want to go more efficiently and at lower cost.
The whole Amazon.reader debate is a double-stupid. It's stupid to think that there's any e-book buyer who doesn't know Amazon's URL, and it was stupider to let ICANN launch the whole free-form TLD initiative to start with.
While NFC's original goal was to enhance mobile commerce applications, it is finding its way into a number of other uses, which is creating both opportunity as well as challenges for IT departments.
Enterprises would like to move to cloud computing but are hesitant because they are concerned about providers’ ability to secure company data. Here are some tips that help to ensure that if breaches occur, the business is not left holding the bag.
Edmunds separates customers into segments based on the info it collects on its site and from partners, and uses that to push out custom content, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
The automotive website uses propensity modeling to target ads and customer registration forms, said Brian Baron, director of business analytics for Edmunds.com, at Predictive Analytics Innovation Summit.
Subsidized handsets, rather than locked handsets, should be the focus of regulators. We're not getting good deals, not fostering innovation, and weakening our power as buyers.
Expert Integrated Systems: Changing the Experience & Economics of IT In this e-book, we take an in-depth look at these expert integrated systems -- what they are, how they work, and how they have the potential to help CIOs achieve dramatic savings while restoring IT's role as business innovator. READ THIS eBOOK
your weekly update of news, analysis, and
opinion from Internet Evolution - FREE! REGISTER HERE
Wanted! Site Moderators Internet Evolution is looking for a handful of readers to help moderate the message boards on our site – as well as engaging in high-IQ conversation with the industry mavens on our thinkerNet blogosphere. The job comes with various perks, bags of kudos, and GIANT bragging rights. Interested?
To save this item to your list of favorite Internet Evolution content so you can find it later in your Profile page, click the "Save It" button next to the item.
