Physician, Heal Thyself

I hesitated about posting on this subject since it’s a bit out of my comfort zone. You are presumably aware that a recent “bug-finding” event found 238 security vulnerabilities in the Army’s systems. Brad D. Williams reports at Breaking Defense:

WASHINGTON: The third annual Hack the Army event uncovered 238 security vulnerabilities — 102 rated “high” or “critical” — in Army tech.

The bug bounty event, which began in January and ran for six weeks, invited military and civilian security researchers to find vulnerabilities within a limited time frame. This allows the Army to proactively fix the prospective cyber targets, ideally before a bad guy can exploit them.

For perspective, Hack the Pentagon found 138 unique, validated vulnerabilities in 2017, Hack The Army found 118 late fall, and Hack the Air Force found 207, according to a story Sydney did on the program.

“We cannot afford a ‘next time we will do better’ mentality. I strongly believe a proactive approach is critical, which means finding potential problems and addressing them before they are realized,” said the Defense Digital Service’s Maya Kuang, who participated.

This year’s event included 40 military and civilian participants. Eligible civilian security researchers received more than $150,000 in total bounty payouts.

The reason I was moved to remark on this is the several recent, highly-publicized ransomware incidents. There have been a number of suggestions of using Cyber Com to oppose these exploits.

Now, you might think that for legal and cultural reasons our military was well-positioned to protect itself against cyber-security threats. The discovery of so many vulnerabilities suggests that just isn’t the case.

What’s the issue? Lax discipline? Cyber-security just not a priority? They don’t have the capacity to deal with the situation? If any of those is the case it doesn’t exactly bode well for our military’s ability to protect the civilian sector against attack if they can’t even protect themselves. Consider physical analogies and you’ll see what I mean.

12 comments… add one
  • steve Link

    OT, but it is a medical heading. It took until 1999 to find the animal origin of HIV.

  • steve Link

    We still do not know the zoonotic origin of Ebola, with the first outbreak in 1976, over 40 years ago.


  • steve Link

    It took until 2017 (SARS first hit in 2002) until all of the components for SARS were found in bats.


  • As you noted this is off-topic. My view is that at this time the preponderance of the evidence supports the lab-leak hypothesis. If you have evidence that SARS-CoV-2 originated in an animal, produce it.

    If the available evidence changes, so will my view.

  • steve Link

    I have evidence that it takes about 18 years to find the zoonotic origin if that is the origin. At this point the strongest evidence of lab leak is the lack of proof of zoonotic origin. I cant see any reason to prefer one over the other.

    I am a bit surprised that when you mentioned the lack of evidence for a zoonotic origin that you did not mention that it can take about 20 years or longer to find the origin.


  • I have evidence that it takes about 18 years to find the zoonotic origin if that is the origin.

    which is irrelevant. Policy is made in the face of incomplete information.

  • jan Link

    If it walks like a duck, quacks like a duck it’s probably a duck.

    If a P4 lab in Wuhan, noted to have sloppy lab practices, is funded for practices known to manipulate viruses, has technicians become sick just before the outbreak of a contagious virus here, it’s probably not too presumptuous to hypothesize the virus’s origin not to be natural but instead an experimental by-product from that lab.

    I would call it applying occum razor type of critical thinking, without corrupting it with any vague intellectual pushback.

  • TastyBits Link

    A lab leak does not necessarily need to be from an engineered virus. Somebody could have been playing with the bats and got infected.

    Fauci stated that it must be a zoonotic origin. Fauci is a known liar. Therefore, it must have been a lab leak.

  • Drew Link

    I’m surprised no one mentioned that Fauci had motive. Absolutist, exculpatory pronouncements when one knows those pronouncements will be regurgitated by a media as gospel – for political reasons no less – is not a good look.

    Further, his testimony, Clintonian claims on funding, pliable views and email trails make Tasty’s characterization appear spot on.

  • Grey Shambler Link

    Whether intentional or no, the military implications are so obvious no country can now afford to ignore them.
    Xi must conclude that China is better organized to fend off a pandemic than the West.
    Why attack an adversary to his strength? Weaken him, weaken him again, then make your move.
    This is as big as or bigger than cyber terrorism.

  • Grey Shambler Link

    Seems to me, no offense intended, that you, Steve, see the world as caricature.
    Americans are bad, mainly because our sins are revealed.
    The Chinese (or anyone else) are good, being people of color who by definition can only be victims.
    Their crimes are well and deliberately hidden.
    Almost as if they never happened.
    Why do you trust them more than those around you ?

  • steve Link

    “Seems to me, no offense intended, that you, Steve, see the world as caricature.
    Americans are bad, mainly because our sins are revealed.”

    Thats because you are an idiot and dont really read what I write and/or dont understand it. I have never said Americans are bad (though individual Americans clearly are) . I actually served the country in the military. I preferentially hire ex military and make sure our reservists are paid well while deployed. I just spent a day nearly every week over the past few months volunteering to give vaccinations. I put my time, my money and my efforts into the community and the country.

    Unlike you or most people here I have spent my entire professional career reading studies and looking for problems with them. So in this case two things changed that suddenly made everyone here decide it must be a lab leak. One of those was not finding evidence of zoonotic origin in 2 years. So I had some spare time today and I wondered how long it usually takes to discover zoonotic origins. Turns out it can take quite a while. So that makes one of those two changes much less important. Also makes me wonder why people writing about this would leave out that detail. The 3 people being sick? That is more of a concern but we certainly dont have much detail. Since it is mostly airborne not sure why a lab would be aerosolizing a virus they are working with.

    So what I actually said is that I dont see that much to prefer one origin over another. I did not say the Chinese were innocent PLUS I have always supported furthering an investigation. If you have reached a definite conclusion it is driven by ideology.


Leave a Comment