Boon and Bane

In his latest column at the Washington Post, Robert Samuelson is worried about the Internet:

Relying on data from Verizon, the CEA study classifies cyberwarriors into four major groups: (1) nation-states that spy on or disrupt their adversaries; the major players here are China, Russia, North Korea and Iran (the United States should probably be added to this list); (2) criminals engaging in identity theft and “ransomware” — the stealing of data that is promised to be returned upon payment of a given fee; (3) business competitors that steal proprietary technologies and trade secrets; (4) company “insiders,” usually disgruntled workers “looking for revenge or financial gain.” In addition, there are various freelancers: people with a political agenda or who hack for fun.

According to the Verizon data, about half the “threat actors” are criminals and about a fifth are groups affiliated with nation-states. Interestingly, about a quarter of cyberattacks are caused by insiders.

I can only judge by my own experience. When I blocked every Chinese IP address I could identify, the volume of malicious and nuisance traffic on this blog declined dramatically. IMO Mr. Samuelson’s list doesn’t quite show us just how much his categories overlap. So, for example, North Korean hackers aren’t just spying and disrupting. They’ve been identified as responsible for serious ransomware attacks, notably the “WannaCry” attack of last year.

I would turn things around. I think that the general failure to take cybersecurity seriously is the actual threat. How do you mitigate the risk of your house being burgled? Locking your doors at night would be a good start. You could keep valuables in a safe deposit box. There are measures that can be taken. Alternatively, you could write an op-ed complaining that there are burglars.

But the federal and state governments rarely even follow their own security protocol and the failure to do so is never punished. Businesses, large and small, have the same problem.

The reason for such lax security is actually pretty obvious. There are costs associated with security, both direct and indirect, including opportunity costs. There are some things that just don’t make financial sense when the cost of security is taken into account.

We could cut cyberattacks from China, Russia, North Korea, and Iran down to a trickle by blocking them at their choke points. Shut those countries off the Internet. We won’t do it because there’s too much money to be made by making communications easy, even with bad actors.

1 comment
  • TastyBits

    … every Chinese IP address I could identify …

    According to our free-traders, we must import every toxic and corrosive product from China. If toxic dog food and corrosive sheetrock are blessings from the Chinese, why are electronic products a problem?

    According to the apologists, a business would never do anything to harm its customers. We are assured that without the FAA air travel would be even safer than it is. Target would take every security measure to protect their customers against identity theft. Oh, wait. Never mind.
