The Bottom Line: We Saw Them Coming
Network architects won't say they told you so, but ... they told you so.
Everyone who believes that what was dubbed “The Great Technical Glitch of July 8” was incontrovertibly a mere coincidence and not a coordinated cyber attack, raise your hands. Before you shake your head and stop reading, consider this: The institutions those IT mishaps shut down represent the economy (New York Stock Exchange), transportation (United Airlines) and communications or freedom of speech (The Wall Street Journal). Not to go all X Files on you or propose conspiracies around every corner, but dismissing the possibility that it was more than mere chance isn’t so far-fetched.
Much has been written about society’s increasing reliance on technology. We write, we talk, we agree, we shake our heads and wring our hands, but what we don’t do is acknowledge the far-reaching consequences of a cyber attack. It’s no longer just a matter of losing information, but now a long arm reaching into citizens’ lives, as the recently revealed hack of Office of Personnel Management files attests.
Perhaps the most ironic element of today’s cybersecurity dilemma is not only that we saw it coming but we also agreed from the start that security had to be a part of networking at the start. Not a nice-to-have. Not an add-on. Not an afterthought.
Industry made the first moves by advertising encryption capabilities in SIGNAL Magazine 30 years ago. Military personnel described the vulnerabilities that new networked systems created in articles such as “New Approach Identifies Malicious System Activity,” which appeared in the magazine nearly 25 years ago.
Engineers developing futuristic military capabilities such as those described in “Twenty-First Century Army To Embrace High Technology” in the July 1992 issue stated “areas of research that offer especially great potential to affect new high-technology systems … include security.”
Aware that networking would facilitate industrial spying, even large companies admitted they could not go it alone to secure their communications. In another 1992 report in SIGNAL Magazine on testimony before the House subcommittee on economic and commercial law, companies asked for government assistance. James E. Riesbeck, then executive vice president of Corning, stated the espionage problem would worsen and corrective steps must be taken to safeguard corporate communications.
The bottom line is that human life and technology are inextricably intertwined. It doesn’t matter if adversaries or out-of-date software cause a disruption. What’s obvious is that the potential ill effects of disruptions to network-dependent organizations—and individuals—were predicted even as benefits of networking were being conceived. They weren’t dismissed; in fact, the need for security was so apparent that the architects believed installing incorporating safeguards were a given. Now that the proverbial Pandora is out of everyone’s CPU, recent events demonstrate that we must dare to be obvious.
To listen to what industry has to say about cybersecurity, go to the free AFCEA Resource Library to watch the video of the Defensive Cyber Operations Symposium industry panel featuring representatives from DISA, HP, Microsoft, Cisco, AECOM Management Services and IBM.