At Internet Evolution, Gideon J. Lenkey notes that Boeing’s
computer networks are attacked by outside intruders 3,722 times per hour. Under an onslaught like that, it would seem
perfectly reasonable simply to turn everything off and go home. But Lenkey has
something interesting to say:
The hardest part is
that the vast majority of the attacks are actually false alarms. What often
looks like an exploit turns out to be a random bit of data that has the same
signature as known malware. In other cases, it does turn out to be a legitimate
attack, which made it all the way through the border defenses but did not
successfully exploit its target. Even though the attack wasn’t successful the
security personnel responsible for the network must treat it as if it were,
until they can prove it wasnÂ¿t.
Why, he wonders, aren’t there better security solutions that
can somehow filter this noise in a less expensive and labor-intensive way?
While we wait for something like that, Boeing has taken the drastic step of
requiring smart cards for all users at all times for all kinds of access. It’s
a drag but apparently an effective strategy.
Lenkey’s final point is both amusing and scary:
An organization that
doesn’t monitor its network feels safer than one that does, because they don’t
see the attack volume. Ignorance truly is bliss when it comes to cybersecurity.
Once your eyes are open, though, you can’t close them again – there’s just no
getting that genie back in the bottle.
How open are your eyes?
— Don Willmott