Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsSystemic Cyber Risk: A Primer
Link to tweet
Tweet text:
Jon Bateman
@JonKBateman
As the West braces for Russian cyberattacks, the risk of large-scale cyber disruption has probably never been higher.
How vulnerable are we to systemic cyber events, and what can be done? My new piece w/ @David4C1 @NickNmb @beauwoods: https://carnegieendowment.org/2022/03/07/systemic-cyber-risk-primer-pub-86531 /1
carnegieendowment.org
Systemic Cyber Risk: A Primer
While systemic cyber risk has become a hot topic, it deserves even more (and closer) attention than it has so far received. How serious and widespread is systemic cyber risk, and what should be done...
12:31 PM · Mar 8, 2022
Jon Bateman
@JonKBateman
As the West braces for Russian cyberattacks, the risk of large-scale cyber disruption has probably never been higher.
How vulnerable are we to systemic cyber events, and what can be done? My new piece w/ @David4C1 @NickNmb @beauwoods: https://carnegieendowment.org/2022/03/07/systemic-cyber-risk-primer-pub-86531 /1
carnegieendowment.org
Systemic Cyber Risk: A Primer
While systemic cyber risk has become a hot topic, it deserves even more (and closer) attention than it has so far received. How serious and widespread is systemic cyber risk, and what should be done...
12:31 PM · Mar 8, 2022
https://carnegieendowment.org/2022/03/07/systemic-cyber-risk-primer-pub-86531
INTRODUCTION
There is growing concern about systemic cyber riskthe possibility that a single failure somewhere in cyberspace could cause widening ripples with catastrophic consequences. Whereas most cyber events have a narrowly defined set of victims, a systemic cyber incident could do damage on a national or even a global scalethreatening the digital infrastructure that entire societies, economies, and governments rely on to function. In the last few months alone, two very different events illustrated distinct versions of the problem.
On November 24, 2021, Chinese cybersecurity researchers disclosed a severe vulnerability in Log4ja low-profile software utility embedded in millions, or perhaps billions, of consumer devices and enterprise systems around the world.1 The security flaw could permit hackers to take total control of vulnerable machines with relative ease.2 The job of fixing Log4j fell to a team of volunteer programmers at Apache, who took two weeks to release a security patch. By that point, the hacking had already begun. The first patch was then followed by a second patch and a third patch, as more security gaps were uncovered. Meanwhile, organizations struggled to apply these patches because Log4j is often hidden underneath layers upon layers of other software packages.3 Experts predict it will take years to fully resolve the issue. Until then, innumerable victims remain vulnerable to state-sponsored hackers, ransomware gangs, and other bad actors.4
Compare the Log4j incidenta slow-rolling crisis actively abused by malicious actorswith another recent global event that was shorter, sharper, and completely accidental. On October 4, 2021, billions of users worldwide lost access to all Facebook services, including Instagram and WhatsApp. This happened because a small error during routine maintenance had unexpected and cascading consequences.5 An errant command was entered, and a bug in Facebooks auditing systems mistakenly allowed the command to run, disconnecting all data centers. Misjudging the situation, Facebooks DNS servers reacted by automatically halting public advertisements, blinding the internet to Facebooks online location. Meanwhile, widespread network failures blocked Facebooks IT staff from accessing the affected systems, even physically, to restore them.6 Although the outage lasted only six hours, that was a lifetime for many small businesses, family networks, and others reliant on Facebook for their daily needs.
These different incidents point to a common set of underlying problems. While organizations and consumers have more tools than ever to protect their data from loss or compromise, improvements in individual defense have been offset by a heightened risk of systemwide events. Many sectors of the global economy now rely on the same set of critical technology products and services, concentrating risk into an unknown number of possible failure points. The potential for catastrophe increases as developing nations further digitize and as activities that were previously separated from the internetlike medical care or transportationbecome networked. The worst cyber events can now cause bodily harm or deaths, political crises, and multibillion-dollar economic losses. As digital networks interlink with the physical world in complex, dynamic, and opaque ways, many observers fear new forms of fragility that no one understands.
*snip*
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
1 replies, 345 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (6)
ReplyReply to this post
1 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
Systemic Cyber Risk: A Primer (Original Post)
Nevilledog
Mar 2022
OP
SheltieLover
(57,073 posts)1. Stock up on food, get cash & print bank statements.