Difference between revisions of "The Cybersecurity Mess"

From Simson Garfinkel
Line 2: Line 2:


# Start with some recent headlines from [http://www.infosecnews.org Info Sec News]
# Start with some recent headlines from [http://www.infosecnews.org Info Sec News]
## [ISN] [http://www.bloomberg.com/news/2014-03-18/irs-employee-took-home-data-on-20-000-workers-at-agency.html March 19: IRS Employee Took Home Data on 20,000 Workers at Agency]
## [ISN] [http://www.washingtontimes.com/news/2014/mar/13/f-35-secrets-now-showing-chinas-stealth-fighter/ March 14 Top Gun Takeover: Stolen F-35 Secrets showing up in China's stealth fighter] (secrets stolen in Operation Byzantine Hades, circa 2007)
## [ISN] [http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data March 13, 2014: Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It] (Businessweek; Target had deployed FireEye, the outsourced security firm in Bangalore noticed the malware, contacted Target's security team in Minneapolis, and nothing was done.)
# Today's systems are less secure than those of the 1970s
# Today's systems are less secure than those of the 1970s
## Computers are more complex — more places to attack them.
## Computers are more complex — more places to attack them.
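Review bot: The three added headline entries give their dates in three different forms ("March 19:", "March 14" with no colon, and "March 13, 2014:"); use one form throughout, ideally with the year, since the F-35 entry also refers to events circa 2007. In the Target entry the parenthetical joins three clauses with commas; break it after "FireEye" so it reads clearly that the Bangalore firm noticed the malware and contacted the Minneapolis team, and that nothing was then done.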

Revision as of 19:14, 20 March 2014

Outline of Talk

  1. Start with some recent headlines from Info Sec News
    1. [ISN] March 19: IRS Employee Took Home Data on 20,000 Workers at Agency
    2. [ISN] March 14: Top Gun Takeover: Stolen F-35 Secrets showing up in China's stealth fighter (secrets stolen in Operation Byzantine Hades, circa 2007)
    3. [ISN] March 13, 2014: Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It (Businessweek: Target had deployed FireEye; the outsourced security firm in Bangalore noticed the malware and contacted Target's security team in Minneapolis, but nothing was done.)
  2. Today's systems are less secure than those of the 1970s
    1. Computers are more complex — more places to attack them.
    2. There are multiple ways around each defense.
    3. It’s easier to attack systems than defend them.
    4. It’s easier to break things than to fix them.

Cybersecurity Mess Slides

Related Slides

Articles