At Internet Evolution
, Gideon J. Lenkey
notes that Boeing's
computer networks are attacked
by outside intruders 3,722 times per hour
. Under an onslaught like that, it would seem perfectly reasonable simply to turn everything off and go home. But Lenkey has something interesting to say:
The hardest part is that the vast majority of the attacks are actually false alarms. What often looks like an exploit turns out to be a random bit of data that has the same signature as known malware. In other cases, it does turn out to be a legitimate attack, which made it all the way through the border defenses but did not successfully exploit its target. Even though the attack wasn't successful the security personnel responsible for the network must treat it as if it were, until they can prove it wasnÂ¿t.
Why, he wonders, aren't there better security
solutions that can somehow filter this noise in a less expensive and labor-intensive way? While we wait for something like that, Boeing has taken the drastic step of requiring smart cards for all users at all times for all kinds of access. It's a drag but apparently an effective strategy. Lenkey's final point is both amusing and scary:
An organization that doesn't monitor its network feels safer than one that does, because they don't see the attack volume. Ignorance truly is bliss when it comes to cybersecurity. Once your eyes are open, though, you can't close them again - there's just no getting that genie back in the bottle.
How open are your eyes? -- Don Willmott