No rules: Internet security a Hobbesian "state of nature"

A new report on international cybersecurity argues that the Internet is a Hobbesian "state of nature" where anything goes, where even government attacks maintain "plausible deniability," and where 80 percent of industrial control software is hooked into an IP network.

arstechnica.com Feb 1st, 2010

Hack attacks

The report was funded by security vendor McAfee, but it was conducted by a respected DC think tank, the Center for Strategic and International Studies. It paints a stark picture of the security problems faced by major enterprises and infrastructure groups, and some of the statistics are downright shocking.

  • 54 percent of surveyed executives experienced "large-scale denial of service attacks by [a] high level adversary like organized crime, terrorists, or nation-state"
  • 57 percent said they had suffered DNS poisoning, in half the cases multiple times per month
  • 70 percent had dealt with network vandalism, insider theft, phishing, or loss of sensitive data
  • 20 percent had been victims of Internet extortion schemes

If the overall news on Internet security is grim, the news from specific sectors and countries can be downright horrific. For instance, take that last stat on extortion schemes. Hackers infiltrate a network, then threaten a company with chaos, a data leak, or the disruption of operations unless they are paid. It happens more than you might think, despite corporate unwillingness to publicize such attempts.

 

Read the full article online