Tuesday, September 23, 2008

Pentagon Hacked by Chinese Military!

Students wonder "am I safe" at home, in regards to their computers. I always think of it as levels of security. Let's look at the example of a car.

First of all, the purpose of a car key was to prevent cars from being stolen. Okay, so people found a way around that one. Well, how about locking doors? Still not theft proof. How about a car alarm? Do people even look anymore? LoJack? It can be disabled. Automatic engine shut off? That doesn't stop me from towing your car away.

Point being, to a sufficiently motivated car thief, your car isn't safe. A lot of what we do for car security is so that people move on to another car and leave ours alone.

The same thing applies to computer security. Anti-virus? Check. Anti-spyware? Check. Fully updated operating system. Check. Software firewall? Check.

Safe? No. Safer, yes.

Could someone really hack you? Let's put it this way. A little over a year ago (Sept 2007), the Chinese military apparently hacked the Pentagon's computer network.

If the Pentagon's systems are not safe, how can you be?

Just remember this, no security system is foolproof. All you are doing is making yourself a less likely target.

Web Link

1 comment:

David J. Csuha, CPP, CFE said...

Hello Eric,

I'd just like to add an addendum to this post. An often overlooked facet of information security is that of human intelligence or HUMINT as all of the U.S. 'alphabet agencies' call it.

When thinking about information security, we must address how much information WE give away on sites like MySpace and the like. How many people overhear our cell phone conversations with our banking or credit card institutions? How many people STILL have their passwords written on sticky-notes under their keyboards?