By: Kareem
So apparently the U.S government is getting sick of losing so many battles to hackers. They’re building a fake internet to model the real internet so they can practice defending against attacks from hackers. All while hackers are busy on the real internet finding real vulnerabilities to exploit.
I don’t blame the government, I’d be a little concerned too if people kept hacking my servers and users. However I really don’t see this doing much in the way of helping defend against cyber attacks. First off the government seems to think that defending all of our electric grids and sensitive information is only worth $500 million. A drop in the bucket compared to how much is spent on other security issues. That amount will buy you a whole lot of college-educated ‘security experts’ and probably 0 hackers. What the government dosen’t seem to understand is that hackers for the most part are not bad people. That’s why we have the term cybercriminal. Hackers are defiantly poking around on systems all over the world, but very few want to do more than just take a peek or earn bragging rights. If the government considers this a ‘war’ than they better start learning their enemy and stop going after the people who might have the skill and be willing to help. Secondly, this is a control environment, their whole test web can be reset and wiped at any time… not a very good thing when there are people on the real internet taking advantage of the fact it can not be shutdown, using zero-day exploits and other various means that are fairly difficult to reproduce. Hackers tend to be the type that look for a way around, over, under or through whatever obstacle is preventing them from getting access. Well I can see the benefits of a controlled environment to test on, I really don’t think they have the know-how to take advantage, they are, after all the ones who left the vulnerabilities there in the first place.
My biggest beef by far coming out of all this is the fact the U.S government wants to treat hacking as an act of war. This is just plain stupid. Hackers are not ‘warriors’ they are smart, curious people. Treating them like warriors and forcing them into a situation where it’s us vs them is a terrible thing for any government to do. Attacking your own citizens for pointing out your stupidity and oversight is not the way to win over anyone or stop any hacker. What they should do is extend an olive branch. Allow hackers to stay anonymous and put them to work defending against foreign attacks. Tap the resource that is their minds, the same minds that spend countless hours learning the ins-and-outs of computer systems in order to get around barriers. These are the only people that are skilled enough and willing enough to spend all day and night hacking and sending you the information you need to defend your servers. Unfortunately this will not happen. The U.S government will turn hackers who were just curious before into their greatest enemy. An enemy with no face, no country, nothing to lose and that if pushed too hard (see Sony) will own your systems with no remorse or regret, no matter how many ‘fake’ internets you create or how many 9-5ers you hire.
So let this stand as a caution to the U.S government. If you go down this route there is no turning back, if you decide to try and catch hackers you will get a pretty nasty surprise. You should just sit back ignore them and let them do their thing. Go ahead and hunt down the ones who are criminal, no one will fault you for that. But leave the lulz (and I don’t mean LulzSec) alone. Thank your god that they haven’t had good reason to show their teeth and don’t start wars you know you can’t win. It’s like Canada trying to invade America by building a small ‘America’ in their county and working on different invasion tactics. You will have the same success they would if they were dumb enough to try.
Related Stuffs:
Source: BBC
No comments:
Post a Comment