Posted by: David Scott
cyber attack, cyber crime, cyber espionage, cyber security, cyber security and government, cyber terror, cyber warfare, DAPR, disaster awareness preparedness and recovery, disaster recovery, security awareness, security breach, Security Plan, security policy
The dogmas of the quiet past are inadequate to the stormy present. The occasion is piled high with difficulty, and we must rise with the occasion. As our case is new, so we must think anew and act anew.
- Abraham Lincoln
I happened to catch an NBC story about Chinese hacking concerns: They mentioned that a recent Washington Post report indicated that Chinese hackers had stolen information on more than two dozen U.S. weapons systems, to include the Patriot Missile system and the F35 Joint Strike fighter
After setting the background of hacks from nation states, the NBC report went on to note that in the emerging world of cyber warfare, it’s not just governments that pose large threats. A Newsweek cover story “You’re Being Hacked,” quotes a ‘security analyst’ (in the NBC report’s words), who is quoted as saying:
“…a single individual is very capable of waging cyber war at a level we previously attributed only to intelligence agencies or crime syndicates.”
I.T. Wars made this point back in 2006, believe it or not. What we’re talking about here is asymmetrical threat and force: A single individual – vs. an entire country, for example. Consider this extract and treatment from the book’s last chapter:
Terror Attack: Today, possibilities of comprehensive national catastrophe (to any nation) are no longer in the realm of Science Fiction, or held in abeyance through MAD (Mutually Assured Destruction, as during the Cold War). We face extremely large harm from asymmetrical sources: Sources that are weaker than their opponents in conventional terms. They can’t compete through strength in numbers: neither by membership; number of conventional arms; or even in the numbers of their sympathizers. Their goals can be anathema to the vast majority.
But these asymmetric forces’ business and objectives (that which they’ll do, in support of their desired outcomes, respectively) are as strong as they can possibly be. In fact, their business trumps any concern for survival of any specific individual of their own. And, their objectives include the stated destruction of whole societies. We must realize too, that with these groups, an effective internal check-and-balance on unreasonable actions diminishes rapidly as the size of the considered group diminishes.
However, tremendous will – even infinite will – means nothing without some form of power. Today, power is moving closer – closing a divide – with this tremendous will of the relative few. Soon, if not now, weapons representing delivery of catastrophic harm will be available to the few – no matter how vile their agenda, no matter how onerous their task in procurement. Our argument here is not the specific “who” – that is not necessary in setting the awareness. For the present, we can emphasize a keen awareness that asymmetric attack forces are closing a divide: Until recently, the achievement of their objectives was denied because of the simple divide between their will to dispense widespread destruction, and their means to do it.
It is reasonable to assume that once closing a divide between will and means, a complete dedication to “business” will be paired with extraordinarily damaging “technology.” One group or another will “pull the trigger” once closing this divide.
[Extract, I.T. WARS, Ch. 21 - What's At Stake: Lessons of the Business-Technology Weave, Copyright 2006 BookSurge Publishing]
Hacking, and cyber warfare, by individuals certainly represents power and weaponry in the hands of the few.
Now, pair that extract with some BTW articles from earlier this year: Seek out the ones that discuss hacking for sport, whereby a single individual takes down a company, or a bank, or a government agency’s ability to conduct its mission – for sport… and bragging rights. Also consider the Competitor Hack (CH), first defined and branded here at BTW, whereby a single individual, either rogue or with company sanction, decides to disable a competitor by hacking into their business systems and bringing them down. More here.
Once again, I like to propose solutions, and can refer the reader to my treatment of Disaster Awareness, Preparedness, Recovery (DAPR) - vs. standard Disaster Recovery (DR).
It’s interesting to note that the general mainstream press and consciousness is catching up to warnings, concepts, and (hopefully) solutions that I debuted years ago, and again I refer interested readers to the concept of DAPR – it is a defined discipline whose time has come.
NP: Herbie Mann at the Village Gate, 1961. Check it.