It sure is a busy time for cybersecurity right now. We've seen attacks on the power grid and banks in the past few months, and now it's on to media. Well, at least this time we know (or at least have good reason to believe) the hackers are Chinese.
The attacks, which were carried out on the New York Times, Washington Post, and Wall Street Journal, focused around gathering information about journalists who covered the Chinese government. Investigations are still taking place to figure out exactly what information was compromised, and what the full effects will be.
Now, this is something I started off being fairly nonplussed about. A company that controls non-critical infrastructure was attacked, "this isn't something that affects national security at all," I told myself. Then I realized that if we allow these attacks to go unpunished we have a serious problem. If somebody hurls a brick through a window and steals a bunch of personal information I expect the police to get involved. The same thing should happen if hackers attack a website that contains personal information. Especially if those hackers are supported by a nation's government.
If media outlets can't feel safe to publish pieces that are less than kind to Chinese officials we have a real problem on our hands. Should these sites have had better security? Sure, better security is a good thing to have. Should they be capable of taking on the resources of an entire country? No, I think that's asking a little too much.
We need to put something into effect that makes it so countries can't just attack whoever they want. Even Google had to go to the National Security Agency in 2010 after attacks (that were believed to be associated with Beijing) seeking data on Gmail users were carried out. We can't expect individual companies to be able to protect themselves adequately from organizations with vast resources without some guidance. I know Congress is working on cybersecurity legislation right now, and it really can't come soon enough. It doesn't even need to be particularly good, it just needs to be something.
No comments:
Post a Comment