Let me state the obvious just to get it out of the way: cybersecurity in the US sucks, and everybody knows it. The US president knows it. The Pentagon knows it. And, worst of all, the hackers know it too. That's why I'm so alarmed by a new Pew Internet survey that says the US will probably get hit with a deadly cyberattack by 2025.
I don't mean to sensationalise this news, but this is scary. Because it's probably true! Ultimately, 1642 cybersecurity experts participated in the Pew survey, which included this question:
By 2025, will a major cyber attack have caused widespread harm to a nation's security and capacity to defend itself and its people? (By "widespread harm," we mean significant loss of life or property losses/damage/theft at the levels of tens of billions of dollars.)
According to many of the experts, the answer is "yes". It's not really a yes or no question when you think about it, though, because it's difficult to anticipate the extent of the damage such an attack would cause. However, the vast majority of the experts do think a big attack will happen, because the battlefield is about to get a lot bigger.
Up until now, many people think that cyberattacks just amount to stolen credit card numbers or computer viruses or something. That's not really the case. While your Mastercard and MacBook are valuable things to protect, the technology that relies on the industrial internet are much more valuable. That includes things like high-speed trains, water treatment facilities and nuclear power plants. The list goes on and on.
The scary truth of all this is that the list is about to grow exponentially, as new internet-connected technology comes into play. The reality of the internet of things is that connecting more things to the internet means creating more vulnerabilities. "Current threats include economic transactions, power grid, and air traffic control," Mark Nall, a program manager for NASA, told Pew. "This will expand to include others such as self-driving cars, unmanned aerial vehicles, and building infrastructure."
Well, damn it. We should have seen this coming sooner, but internet technology evolved terrifically quickly. As for NSA counsel Joel Brenner explained in a column last weekend, "The Internet was not built for security, yet we have made it the backbone of virtually all private-sector and government operations, as well as communications."
The one comforting thing about this pretty frightening survey is the simple fact that a lot of very smart people are working improving cybersecurity. Even NASA's lending a hand! However, the notion of a catastrophic attack is especially scary because there doesn't seem to be anything that you or I could do about it.
There are some things, however. Little things, like locking down your passwords (or getting rid of them altogether), using two-step authentication for everything, encrypting absolutely everything, and, well, just being more aware of cybersecurity in general. Those little things add up, and the more individuals improve their cybersecurity, the better our overall cybersecurity will become.
One other thing you do: Hug a hacker. Well, not literally, but if anyone's going to help us beef up our cyber defences, it's going to be the hackers that know what it's like to play offences. That's why agencies like the NSA, CIA and FBI actively recruit hackers, and they're maybe even willing to change their rules to accommodate more! So it's important for everyone to be nice to these computer smart people. We need as many white hats as we can find. [Pew Internet via Defence One]