Cabinet Office minister Francis Maude has warned that the London Olympics will not be immune to cyber attack. The man who urged all Blighty to start stocking up on petrol by pouring it into jerry cans said that a crack team has been set up dedicated to guarding the Games against attack. "The Beijing Olympics saw 12 million …
I think the safest thing for Ministers to do is to keep their mouths shut. Using Francis Maude as an excellent example, each time they open their mouths they demonstrate how little they know about the subject at hand. They should stick to the dictum, 'Better to keep your mouth shut and be thought a fool than to open your mouth and prove it.'
Of course the other benefit would be that I wouldn't have to listen to their drivel.
"a crack team has been set up dedicated to guarding the Games against attack"
That'll be a group of NEETs trained to pull the cables out of the routers/switches if the lights start flashing too quickly.
That'l be part of an Apprenticship scheme which of course will lead to a well-paid job in computing.
Despite the prevalent myth of the Superhacker, there's plenty of solid evidence that most breaches are total pushovers. Just for example, Verizon's 2012 report (on 2011 data) concluded that 96% (4% more than the previous year) of attacks were "not highly difficult" and that "97% of breaches were avoidable through simple or intermediate controls".
So what we really need is not a few expensive cyber whiz kids on short term assignment for the duration of the London jamboree, but for ordinary IT staff at all levels to be competent in basic security housekeeping. It would be much safer and vastly more cost-effective, and would also release the real experts to protect us against the occasional attacks that are not so trivial.
However, it's not in the interest of the attackers, the defenders or indeed many security researchers to point out how easy cyber attacks currently are to accomplish, as they would all lose face (and, in many cases, huge revenue streams or big salaries). So we are kept in ignorance by an informal (and albeit uncomfortable) collaboration of deception on the part of pretty much all those who know the real situation. It would be incredibly difficult for government to justify proposed levels of expenditure on "cyber defence" if it was well known that the vast majority of their appallingly frequent security problems stem from the incompetence and slackness of the implementers and defenders of their systems. But we are up against a very determined adversary, so we have only one real choice - face facts or lose.
What a good idea.
After all it's important to protect the Olympics from the traditonal forms of crime which are so common in cyberspace - drug abuse, drug dealing, political extremism, bribery, corruption, money laundering, bogus charities, corporate fraud.
They don't want anyone muscling in.
Biting the hand that feeds IT © 1998–2021