The concept of a cyberwar is no longer relegated to the pages of science fiction. Many states may have already built weapons to fight this war, and the U.S. government is working to secure online resources to protect against cyber attacks. However, attacks are still slipping through, including a recent attack on U.S. Office of Personnel Management, that may have exposed the data of millions.
Dave Wajsgras, head of Raytheon‘s intelligence, information and services business, told Reuters:
It’s very disappointing that this information was seemingly as easy to get at as it was […]There is a tsunami of threats that exist in the cyber domain today. It’s something that we all collectively need to take much more seriously.
According to security experts cited by Reuters, the security clearance data exposed in the attack may have included social security passwords, and other information that might allow hackers to compile dossiers on key individuals.
A lack of security is a chronic problem that agencies, companies, and individuals seem to refuse to take seriously, despite mounting evidence that it’s the cause of many of our data security headaches. In fact, the Reuters report indicates that the data wasn’t as secure as it should have been, and may not even have been encrypted.
So how do we tackle this ongoing problem? The first step would be instituting proper encryption and user authentication into every system that stores sensitive information. But government agencies have a poor track record in that field.
Adrienne LaFrance, senior editor for The Atlantic, came to some grim realizations when examining the options the government and military are considering. One avenue that security agencies are pursuing is to fight fire with fire: creating their own malware and hacking programs.
LaFrance noted that data from the Snowden leaks demonstrated that the NSA was “dramatically expanding its ability to covertly hack into computers on a mass scale.” This could be through the use of ransomware, or other malware that either surveills or hijacks user computers.
But in the cyberwar, there are no borders and boundaries and it’s the users and consumers that have the most to lose. Thousands of hacks have exposed the data of millions of users, and it seems that government agencies are only interested in fighting a war, rather than protecting them.
Image courtesy of Shutterstock.