Network security breaches are moving way beyond the `hacker quest for notoriety’ stage and we’re now in crisis.
While the lexicon for data breach is changing at bewildering speed, the sustained attacks from organised criminal gangs violate our network space on an hourly basis. If you have been hacked – and I was way back – you will know the sense of powerlessness, rage and fear that this brings.
In my case, it was a concerted attack on and control of a range of IP addresses that was then used by the hacking group to mount a sustained attack and penetration of NASA. My IP range was secure and safe but others in the range were not. The penetration began at the end-device level and moved from there to server-side.
Wasteland: cyber-crime steals the future
The initial attack led first to a wipe out of websites access, then barring by the naming authority, which I thought was akin to crucifying the victim of a robbery. Meanwhile, the hacker group penetrated and accessed NASA data.
But that experience taught me two things. First, the onus and focus was on the user to secure and nail down their network, whether shared or unique. Second, the software-based security solutions were not adequate.
If that was true in 2001, it’s even more valid now.
I’ve been monitoring the network security landscape for two years, as part of the job at Liberate Media. It’s scary. Every week, there is a raft of stories around network breach of organisations of every type.
Worse, the number of breach reports is increasing month on month. These are only the tip, remember. Many countries do not require breach and data loss reporting, currently. That is about to change in the UK and Europe.
What this will do the breach statistics is anybody’s guess – but I would place a very big bet that the rate of breach will not go down.
The Guardian has just published a lengthy, informative blog post by author Misha Glenny that, between the scare-ware info, describes the breadth and depth of the organised cyber-crime dark side. Worth a read.
Time to wake up?