Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Be scared: The Sony-style hack is no rare event

Roger A. Grimes | Dec. 11, 2014
Only the wanton destructiveness of the Sony attack made it an outlier; the scale was not uncommon. Maybe the bad publicity will be a wake-up call

Those millions will barely move the needle. Any dedicated, decent hacker will be able to break back into Sony or any of these companies at will -- the overall problem isn't specific to one infrastructure and can't be prevented by a security product. No amalgam of network and endpoint security defenses will prevent badness from breaking in.

Toward a real solution

To significantly reduce Internet crime, you have to fix the Internet and get global accountability. What do I mean by "fix"?

Well, we don't have to invent new Internet protocols or rocket-science technologies. We have all the technology we need. As I've proposed for years, what we need is an open, global early-warning system -- and to agree on a scheme that positively identifies Internet users with minimal violation of privacy. Sure, that's a tall order. But if we get the right security leaders in one room to hammer out the details, it can be done.

We also need global enforcement. As long as the bad guys can get away with malicious actions and escape punishment, we'll never stop Internet crime. Sadly, today, even if we have all the evidence in the world about who did what, when the perps sit on the other side of the right global boundaries, we can't touch them. Until we make it painful for countries to ignore home-grown cyber terrorists, Internet crime will continue to pay.

Don't get caught up in the hype that the Sony hack was huge, devastating, and unique. It wasn't -- it's much worse. The real story is that nearly every company could be Sony. Many already are and don't know it.

The public nature of the Sony hack was good because it pulled back the curtain on the woeful security landscape. The grandiose, punitive nature of the attack made it more dramatic -- though it was likely accomplished by hackers with ordinary skills. Almost anyone can see we can't carry on this way.

Source: InfoWorld


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.