Here’s something to think about in the news about the Department of Homeland Security getting hacked by Russian hackers using a trojan horse embedded in SolarWinds software. If DHS can’t protect itself, how the heck is it going to protect us?
Here’s something to think about in the news about the Department of Homeland Security getting hacked by Russian hackers using a trojan horse embedded in SolarWinds software. If DHS can’t protect itself, how the heck is it going to protect us?
In every case of hacking, it is the so-called victim who is at fault. The people at DHS were just too lazy, too stupid, and too corrupt to do their jobs. Laziness, stupidity, and corruption characterize the American government at all levels. The appropriate response to this hacking is to fire the Director of HS and all the senior IT staff.
My view is slightly different. I don’t dispute the “laziness, stupidity, and corruption” part but there’s more to it. Governments at all levels are standards-based and standards are inherently backward-looking. That places governments at distinct disadvantages in dealing with hackers.
Hacking is asymmetric warfare. The advantage is with the attacker.
They would just be replaced by others equally lazy, stupid, and corrupt. The problem is structural. The vulnerability that has been revealed is one of the reasons I opposed the creation of the Department of Homeland Security in the first place. Decentralization is actually more secure than centralization. Less software monoculture would be more secure as well.