The blurring lines between physical and cyber systems, coverage of data monitoring from the Edward Snowden revelations, and the deluge of cyber attacks in 2014 have resulted in new levels of American interest in cybersecurity. A few examples of this attention are the speculations around the implementation of Stuxnet, the government’s creation of Cyber Command, and the media’s coverage of the many thefts of information from digital databases and the cloud.
Polling respondents with experience in Internet security, a recent report conducted by Pew Research Center confirms, “Cyber Attacks Likely to Increase.” The center reported that 61% of the report’s respondents believed that a cyber attack causing widespread harm would occur by 2025. The respondents almost universally agreed that America’s reliance on the Internet has exposed individuals, industry, and government to new threats. Pew identified four cybersecurity themes with its report.
The first theme states, “Internet-connected systems are inviting targets. The Internet is a critical infrastructure for national defense activities, energy resources, banking/finance, transportation, and essential daily-life pursuits for billions of people.” The attacker’s advantage in cyberspace makes for an attractive environment to launch an attack, and the high value of financial and personal information makes launching a cyber attack a very lucrative proposition. Unlike traditional/physical attacks, launching cyber attacks does not pose any immediate physical risks to aggressors. Moreover, rising computer literacy has resulted in more individuals knowing how to code, a trend that further lowers the barriers to entry in the cyber arena.
With a high quantity of high-value information stored in Internet-connected systems, those systems will receive a great amount of attention from criminals and foreign governments, who stand to gain much from retrieving information from American systems.
Pew’s second theme states, “Security is generally not the first concern in the design of Internet applications. It seems as if the world will only wake up to these vulnerabilities after catastrophe occurs.” This theme appeals to common sense. If users desire easy-to-use applications for specific purposes with limited time and material resources, then it makes sense that designers would focus more on the product that their customer will interact with and less on security details that may not add value to the application in the short term.
Look for a discussion of the third and fourth themes later this week.
While most think that a major cyber attack is forthcoming, proactive responses to rising cybersecurity risks can prevent future attacks, deter attackers, or decrease the damage wrought by attacks. As always, awareness of news and trends, communication with cybersecurity experts, and good digital hygiene are first steps to upping levels of cybersecurity.