Like canaries reacting to gas in the old coal mines, today’s cyber-criminals are constantly showing us the extraordinary vulnerabilities of our interconnected digitally-driven society, but we seem to just ignore the warnings. In the event of a major conflict or terrorist cyber-attack we will regret our repeated failures to lock every door.
There is a mistaken impression that all criminals are stupid and lazy; the truth is that many are very clever and industrious, working extremely hard at their chosen “trade.” In some ways modern criminals still operate like the old sneak thieves who would try every door in a large hotel looking for the one or two that a careless guest may have left unlocked.
Technology provides untold millions of new doors for criminals to try and networking makes it possible to try them from anywhere on earth. Present-day criminals search relentlessly for that one mistake or weak link that allows access and, like their predecessors, failing to find an open door they will also use force and/or subterfuge to gain access when necessary.
Recently, as many as 80 million customers of the nation's second-largest health insurance company, Anthem Inc., have had their account information stolen by hackers. The information included at least “names, birthdays, medical IDs, Social Security numbers, street addresses, e-mail addresses and employment information, including income data.”
At the same time, Intuit's TurboTax temporarily suspended e-submissions of all state tax returns after “agencies discovered a spike in fraudulent returns.” According to the San Jose Mercury News, the company had “put the brakes on processing the returns after receiving an alarming number of complaints from states about documents being filed using stolen personal data.” They have since lifted the suspension after working with security experts.
Put those two incidents together and the potential for massive fraud is obvious, but fraud only costs money; a dedicated enemy can use the same or similar weaknesses to wreak havoc on our entire society.
There was a time when the potential for disabling the nation’s air traffic control system, power grid, transportation, and communication assets from a central location with sophisticated or even simple overload cyber-attacks was pure science fiction – but no more – it is real and it is here.
The question is, will we heed these dire warnings and take the appropriate protective actions or merely dawdle around until it’s too late?