The Internet is not as secure as we would like to believe. 1,378,509,261 records were breached in 2016 alone, with 1,792 reported incidences. This is not surprising, considering you can take online courses to learn how to hack.
Basically everything on the Internet is, and will forever be, at risk of being hacked by Organized Crime, other States / Nations, Hacktivists, Script Kiddies, and the like, for various reasons and for some without restraint. So I am encouraging the removal of our government, military, commercial, financial, social services, education, and economic backbones from the Internet. My reasoning is that the Internet is forever being hacked / exploited. Zero day exploits rule the day, with serious hackers coming and going without any notice what-so-ever.
Everyone likes the ease in on-line banking and bill payments, and the distribution of instant teller machines, yet all of this technology is based on systems that are growing impossible to secure. Our economic engines are becoming quite dependent on the Internet.
It’s not hard to imagine what a well timed attack on their economic engine via the Internet could do. In May 2016 the already weakened Egyptian economy took yet another hit from a second terrorist attack (airplane), negatively impacting their tourist based economic engine.
And we know that terrorists and organized crime both use the Internet and are combining forces towards common goals [Sources: NBC News, Security Intelligence].
In 2015, the Director of National Intelligence identified cyber-attacks as the biggest threat to the economy and national security of the United States, despite the threats of extremist terrorist groups and the growing nuclear ambitions of countries such as Iran, China, and North Korea.
Security is an illusion. Internet usage and reliance is increasing. Organized crime groups are becoming global, and are penetrating local interests. Organized Crime is using the Internet to store and launder their monies, while working to hack into sensitive locations for illegal gain. Even other countries hack our systems. All to a negative effect on our economy including loss of revenue, customer trust, availability / reliability, and costs to investigate, remedy, and rebuild trust.
With small scale intrusions and attacks continuously underway, I wonder as to how long it will be before a large, focused attack takes place? When this happens, depending on what is attacked and duration, I wonder as to how much damage will be ensued? And I wonder if we might start thinking then about creating a separate network – off the Internet – thus allowing greater security to our financial, government, and economic systems.
The number of articles published about our governments, research agencies, companies, and our infrastructure being hacked keep coming – and do not appear to be slowing. Here are a random handful:
- http://securityaffairs.co/wordpress/53048/terrorism/isis-surveillance-cameras.html
- https://cybernewsgroup.co.uk/50-hackers-using-lurk-banking-trojan-arrested-in-russia/
- http://themerkle.com/payment-terminal-botnet-collected-over-1-2-million-card-details-since-april/
- https://cybernewsgroup.co.uk/upgraded-dridex-malware-on-the-rebound-hitting-u-s-banks/
- http://solutionsreview.com/endpoint-security/north-korean-hacks-140000-seoul-computers-steals-defense-plans-state-secrets/
- Power Grid Hack – gain control: http://securityaffairs.co/wordpress/47884/security/ics-unpatchable-flaw.html
- Qatar National Bank Hacked – sensitive information retrieved: http://www.ibtimes.co.uk/qatar-national-bank-1-4gb-database-leak-gives-data-customers-journalists-spies-1556787
- Water Treatment Plant Hacked – changed chemical mix: http://www.theregister.co.uk/2016/03/24/water_utility_hacked/
- Electric Utility Hit by Ramsomware: http://thehackernews.com/2016/04/power-ransomware-attack.html
- Power Utility Hacked – 80,000 Lost Power: https://www.wired.com/2016/01/everything-we-know-about-ukraines-power-plant-hack/
- Another Power Utility Hacked: http://www.tripwire.com/state-of-security/incident-detection/dhs-confirms-u-s-public-utilitys-control-system-was-hacked/
- Nuclear Power Plant Hacked: http://www.telegraph.co.uk/news/2016/04/27/cyber-attackers-hack-german-nuclear-plant/
- Yet Another Power Utility Hacked: http://securityaffairs.co/wordpress/43989/hacking/israeli-public-utility-authority-under-attack.html
- Here is a compilation of hacking events that took place in 2016 alone: http://www.itgovernance.co.uk/blog/list-of-data-breaches-and-cyber-attacks-in-april-2016-156687282-records-stolen/?utm_source=social&utm_medium=linkedingroup
Why we continue to put our economy in risk is beyond me. A serious attack could cripple the nation’s finance and trading systems. One single attack could take out the top industry players, crippling them for a long time while another economy advances – or succeeds them through a legit business transfer.
As a country, to reduce our exposure to uncontrolled risk I believe we should:
- improve data and physical securities on our communication infrastructures (Bell, AT&T, etc)
- move systems off the Internet over to these dedicated networks
- implement hardened communications – like fiber connections that count the number of photons used in communications and examine latency times
With this move trust would be restored and issues reduced. This would require more serious attempts as physical access would become more of a requirement than today. And it would seem that former CIA Director Michael Hayden and General Keith Alexander are also on-board, as they also called for a separate, secure Internet to shield vital systems (like the power grid).
So why do we delay?