Last week I wrote about progress in cybersecurity policy and practice over the last decade. Yes, the world is more aware today in part because stuff has gone pear-shaped in cyberspace over and over. Naturally, reporters have risen to the task and written story after story about it. There is a veritable cottage industry about what Russia did with the interwebs. But beyond improvements in daily media reports, we’ve also seen an up-tick in major book-length works.Read more »
Prior to joining Illumio, I spent two years on a writing fellowship at Berkeley’s Center for Long-Term cybersecurity and before that seven years at the Pentagon focused in large part on cybersecurity and cyber policy. For most of that time it felt like cyber folks were in a world of our own. Policy people assumed we were coders or engineers. The general public often assumed we were overreacting or, if not, hoped we knew what we were doing. In those early years we celebrated victories – the launch of U.S. Cyber Command in 2009, the President’s first international cyber strategy in 2011 – but the public didn’t pay all that much attention to the issues at stake. Like how some people erroneously see climate change, perhaps they saw cybersecurity as a future problem that was too complicated to address easily.
Then things changed.Read more »
Somedays it feels like the whole world is getting hacked. China has stolen U.S. military data through cyberspace, first for the Joint Strike Fighter and now for sensitive submarine technologies. Millions of Americans have had their credit card information pilfered as hackers breached retail companies. Even ships at sea are vulnerable, as hackers have learned to manipulate the Automated Information System (AIS) and the Global Positioning System (GPS) to alter a ship’s navigational course without their captains necessarily knowing.
These hacks are alarming in their scope and risk and immediately make headlines. But what about the quiet, subtle hack of a white glove law firm? Law firms base their reputation (and therefore their business) on confidentiality and discretion – for good reason. The legal business is obviously a sensitive one; lawyers often interact with their clients in vulnerable or transitional states where much is at risk. Client records thus present a treasure trove of juicy data for any hacker: personally identifiable information, banking data, and correspondence. All data that could make or break a case for a client and her firm.
Read more »
Cyberattacks can be difficult to detect, assess, and mitigate – and the consequences of a breach can be significant for a company’s bottom line or for the overall economic and political health of a country. Consider just three recent historical and well-known cyberattacks and their consequences.