Cybersecurity: drawing the battle lines
Computers are dumb. They do what they are told to do, and that’s it. Powerful as they are, computers cannot (yet) make decisions on anything like a human level. If a nasty piece of code gets injected into a computer, it will execute it - unless other software tells it not to. The computer doesn’t ‘know’ that the code is undesirable. This makes it possible for morally questionable people with the right skills to recruit armies of zombie computers into botnets, bombard websites with traffic to make them fall over, hack the brakes on your car remotely, spy on you via your webcam, turn off your pacemaker, steal your money and blow up your local nuclear power station.
Motivations for nefarious cyber-activity vary. A home personal computer, a bank, a hospital and a military network face very different threats, even when they use similar underlying technology (dumb computers). The hoodlums might want information, money, someone’s identity, more money, revenge, the eventual triumph of a perceived moral or ethical purpose, the downfall of a government, or the election of a politician. Or they might just be doing it for kicks. Whatever the motivation, if they are able to talk to computers in the right way, they can make them do almost anything they want.
This is why we need cybersecurity – to prevent such skulduggery. Without it or with an inadequate level of it, businesses, individuals, infrastructure and even countries are at risk.
Good cybersecurity requires strategic planning including risk management and disaster recovery plans for when breaches and infections do occur. It also requires regular vulnerability assessments and penetration testing to be as sure as possible that the defences will hold up in the event of a real attack.
The threat is so pervasive that governments are investing in training the next generation of cybersecurity wizards – see our article Hogwarts for Hackers on one such program at Bletchley, the historical home of code-breaking from World War II.
And businesses can turn to cybersecurity consultants like LufSec to conduct risk assessments, implement security plans, promote information security culture and train staff.
In our digital age, there is little difference between keeping hardware, software and data secure and building a medieval fortress. Hordes of mean, ugly folks are out to breach our castle walls and take it over. Just make sure you keep that boiling oil good and hot.