Sometimes I lie awake at night and worry about what would happen if the Internet stopped working. How would I get work done? How would I communicate? How would the bank handle my money? Yet, I don’t have the best passwords. I suspect my firewall would be pretty easy to hack. Thanks to FourSquare I leave a digital footprint everywhere I go. I’m terrible about backing up anything. I’m all worry, no action. That makes me worry even more that everyone is like me. We worry about security late at night but we lapse into convenience in the light of day. Was US Bank like me?
The US Bank website was attacked last week. The Minneapolis/St Paul Business Journal (and others) reports that it was a denial of service attack…
The attacks flooded bank websites with 10 to 20 times more Internet traffic than the usual DOS attack. And even though the still-unidentified group behind the attacks announced its targets days ahead of time, banks were unable to cope with them.
So why weren’t they ready? I don’t know and I don’t want to pick on US Bank (they weren’t the only bank hit), but last spring I attended a National Security Conference at the U of M and one of the themes that came up was that human dynamics may be the weakest link in security these days…
Security often comes down to human error – or maybe human weakness. People open links they shouldn’t, download software they shouldn’t, transmit info via insecure wires networks. Sometimes that’s because people can be gullible; sometimes that’s because hackers can be good and persistent. Administrators don’t keep up on updates or take the time to shut all security doors and windows.
My worry was deepened last summer at TED Global, where we heard about groups who are looking to wreak havoc on security just because they can and where Marc Goodman from Future Crimes Institute, painted a very bleak picture of cyber security.
Marc Goodman did offer one ray of hope…
Technology, he says, is affording exponentially growing power to non-state actors and rogue players, with significant consequences for our common global security. How to respond to these threats? The crime-fighting solution might just lie in crowdsourcing.
This fits in well with another TED speaker, Navy Admiral James Stavridis, who spoke of the need to build bridges, not walls. But part of crowdsourcing, part of building bridges is convincing more people that these topics are worth their time and consideration.
So back to my original question – Is your community ready for a cyber attack? If you don’t know the answer, who does? I’m hoping to find out more about who knows and how I can spread the word at the Cyber Security Summit next week (Oct 9-10). I’ll post my notes – but what I have picked up from previous cyber security conferences is that our greatest weakness is our potential strength – people! So I’d encourage others to attend.