Although some computer in the world can be hacked. Neither computer, whether it is an individual computer in your home or workstation CIA director in his office, it is impossible for one hundred percent protection against kiberproniknoveniya. Despite all the discussion about cyber defense and the billions of dollars allocated to improve the protection of the municipal and personal sectors (only the Pentagon in 2012 allocated 3.2 billion. Dollars), and the PIN of your bank account, and hidden documents in the computer President Obama remains vulnerable. The main difference between these objects — the number of people who own the necessary skills, time and resources to engage these potential targets.
There is a common misconception that you can guarantee a perfect cyber security, if you put enough money into the protection and proper use procedures that limit access. Terrible truth is that we live in an era of offensive potential advantages in kibersrazheniyah. For example, spices, specializing resistance test a computer system of our country, in private conversations they say that they successfully hack it in 99 percent of cases, and that in the remaining 1 percent is the defining issue of additional costs and time. There was such a big-name and a questionable principle of the Air Force, "bomber always breaks." The sobering fact of the real state of cybersecurity is that "the attacker always break through." For the foreseeable future cyber attacks will not be equal to itself.
According to some reports, one of our most closely guarded state secrets — the leading technology for multi-purpose fighter-bomber "invisible» F-35, may already be stolen by hackers from China. Available data indicate that they do not overcome the protection of the Pentagon, and extracted information means penetration into the computers at once 9 defense contractors. As a result, we can izderzhat hundreds of billions of dollars and put the future of our Air Force for aircraft drawings which our opponents seem to have been stolen.
Defense contractor should be a high security target, which is likely impossible to crack. Unfortunately, the number of companies that successfully infiltrated kibershpiony is alarming. BAE Systems, Verisign, Citi, Booz Allen, Google and NASDAQ head the victims, all of it in just the last two years. And since most of the companies and municipal authorities ignore cases of successful cyber attacks, the real number of victims may be substantially higher.
Nedavneshnee disclosure of details of the origin of Stuxnet and its penetration into the highly protected Iranian nuclear facility at Natanz gives a nice example of the current advantages of offensive cyber operations. The above-mentioned examples from the United States should also serve as a sobering reminder that Iran is not the only country whose sophisticated system vulnerable to cyber excellent equipment and highly targeted municipal opponent.
In the light of such a situation is generally cyber defense make any sense? Yes, cyber defense, even if it can not provide us with absolute safety, plays an important role. According to the disk imaging from Verizon, 96 percent of break-ins are successful because of the wretched protection makes penetration very easy. In truth, most of the low-level cyber threats make bots online probes that have flooded the Web in search of promising to penetrate objects. As warned not long ago, President Obama, a lot of companies are protected poorly, and some have no "even the most basic protection: a decent password. This poses a risk of our social and national safety. " Improved security will better reflect the degree of such simple attacks, freeing patrons time to concentrate on the more subtle dangers of their expensive assets.
Such attention to the simple security will reduce the number of successful cyber-attack from millions of smart hackers to a handful of suspects who own resources and the desire to storm kiberustoychivye system. Stronger than protection, the more money, time and skills required to overcome it.
Politicians need to understand the difference: the absolute cyber security — a myth, but kiberustoychivost — achievable and useful.