Melissa Hathaway: Six reasons to care about cybersecurity

melissa hathawayIt’s tempting to think of cybersecurity in the abstract, as something to address someday. If anything drives home the point that the time to act is now, it’s a piece just posted on Harvard Belfer Center by Melissa Hathaway. Hathaway outlines a series of recent events that offer ample proof of the critical nature of the threat. Here’s a rundown:

  1. Conficker worm. Earlier this year, this virus triggered the largest computer worm infection since 2003.  Computers using Windows operating systems that haven’t kept up with security are particularly vulnerable. What’s most scary: One in five business computers lack the patch for this Windows bug, which was first detected in November 2008, says Hathaway.
  2. July 4th attacks. Last summer, both the United States and Korea feel victim to a distributed denial of service attack against thousands of computers and websites. Even now, no one knows who was behind the attacks — or, adds Hathaway, how many control hosts were driving the attacks against America’s infrastructure.
  3. Intellectual property theft. To date, over 150 firms have been targeted for their corporate intellectual property and other proprietary data, says Hathaway. “Our opponents are seeking weapons designs, next generation telecommunications designs, and even proposals that may be used in the next international bid strategy to understand price points and win theme/strategy,” writes Hathaway.
  4. Malware infections. According to Symantec, malware infections rose over 200 percent this past year in Europe, the Middle East, and Africa. That same period oversaw a 47 percent surge in botnet activity, says Hathaway. And be careful with your smartphone; it can be used to access backend systems.
  5. Payment credit card breach. In January 2009, Heartland Payment Systems disclosed that intruders hacked into computers it uses to process 100 million payment card transactions a month for 175,000 merchants, says Hathaway. “When,” she asks, “was the last time you looked at your credit card bill and noticed an extra penny to a transaction?” Probably not often.
  6. Zero-day vulnerability exploitation. Recently, an attack on a UK-based web hosting provider destroyed data on about 100,000 websites, says Hathaway. “The attackers appear to have exploited a zero-day vulnerability in a virtualization application called HyberVM.”

Share your comments here.

You may also be interested in...

Former L3 Exec Richard Hunter Named EaglePicher Technologies CEO

Richard Hunter, formerly president of L3 Technologies' defense electronic systems division, has been appointed CEO of battery  manufacturer EaglePicher Technologies. He will oversee the delivery of battery products that are designed for aerospace defense and health care applications, EaglePicher said Wednesday.

FBI Issues RFI on IT Architecture Modeling, Project Mgmt Tools

The FBI has posted a request for information on software applications designed to help users create information technology architecture models and map a portfolio of IT projects.

Retired Lt. Gen. Kevin McLaughlin Joins Tyto Athene Executive Advisory Board; Jeff Murray Quoted

Tyto Athene announced on Tuesday that Kevin McLaughlin, a retired U.S. Air Force lieutenant general, has been appointed to the company’s executive advisory board. He joins Tyto Athene to assist in the growth of the company’s Department of Defense and cyber strategies.