Cyberspace, for good or ill…

In recent years cyberspace has played an increasingly important role in governments, companies, families and in all our lives.  Little by little it has opened up its own path, offering a host of possibilities that can be tapped into from practically anywhere in the world.

We are also thrilled and delighted to see how it lowers costs, facilitates the sharing of information, opens our business’s doors to the whole world, favours automation and remote surveillance of systems and sites, etc.  This is all to the good. Being able to manage security and open dams from hundreds or thousands of miles away is in principle a good thing. If it also cuts out the need for a 24 x 7 watchman and allows the first level of monitoring to be carried out from remote locations at a price of about €10 an hour, well wonderful.

In fact it is the driving force behind an increasing number of economic transactions and enables us to make administrative arrangements without leaving the house or even while sitting on the bus. It establishes new communication methods and speeds up the circulation of information by means of tree structures or even whole woods of them.

All these advantages, of course, are not confined to people of good will. When combined with complacency about security, unawareness, globalization, patchy legislation and the ease of anonymity cyberspace represents a veritable hotbed for national or industrial cyber spying, for organized crime, swindlers and unscrupulous dealers.

In fact, over the last few months several security incidents have made a big splash in the press, straying beyond the domain of security professionals and grabbing the attention of the public at large.

Some of these incidents are:

  • The headline-grabbing wikileaks
  • Suspicions that the Israeli government is behind the genesis and distribution of the first computer worm to target SCADA systems
  • The recent exploitation of SQL injection vulnerabilities in MySQL pages to extract database information such as user data and executive passwords
  • Unauthorised access to internal equipment of the French Ministry of Finance
  • Theft of information in Cloud Computing: PHPFOG

These juicy news snippets are only the tip of the iceberg.  It seems that only notorious and unquashable cases slip out, while vested interests make sure that many other incidents never see the light of day. Curiously enough, this news breaks out in powerful and advanced spheres of technology and security.

The abovementioned incidents affected US and European organizations and involved nations like Israel, China and this great unknown that is courteously called the “community”.

It would seem logical to assume that in the theoretically less advanced countries most of these incidents go unreported and unnoticed, and this suits organized cyber crime fine.  In other cases an incident might be hushed up for fear of the business repercussions or from shame, and this is an attitude that swindlers eagerly feed off.

Which major organization would be likely to acknowledge of its own accord that its systems have been hacked or are still being hacked without the problem yet being solved?

Author: Javier Osuna
Head of Security & Processes Consulting Division of GMV

Las opiniones vertidas por el autor son enteramente suyas y no siempre representan la opinión de GMV
The author’s views are entirely his own and may not reflect the views of GMV
Share

    Leave a Reply

    Your email address will not be published. Required fields are marked *

      I accept the privacy policy Acepto la Política de Privacidad

    Basic Data-Protection information:

    Data-protection supervisor: GMV Innovating Solutions SL
    Purpose: Answer questions, respond to user complaints and recommendations, receive job applicants resumes and career information.
    Legitimation: Consent of data subject
    Addresses: Grupo GMV companies
    Rights: Access, rectify and cancel data plus other rights, as explained in additional information
    Additional information: You can check out the additional and detailed data-protection information on our website:Privacy Policy

    You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

    WP-SpamFree by Pole Position Marketing

    2,902 Total Views