Why we are vulnerable?
Human beings are vulnerable and that’s why there are laws to protect them. Cyber world is our innovation and it cannot exist without interdependence. Interdependence has many byproducts and one of them is vulnerability. In the new internet era, task allocation will happen in one side of the globe and the execution on the other. And we expect it to propagate the information all around the world.
Internet is like a galaxy on earth. We store data in clouds, situated miles away from us. The cloud is built for keeping infinite amount of data and that’s what we have there. Internet evolution reduced the distance between countries and continents. And it allowed companies to extend their supplier and client base anywhere round the globe.
This was the story of cyber world evolution. We were at the beginning where simplicity and elegance mattered most than security. Adolescent stage has its ups and downs. But today, we can do almost anything from our mobile phones, on which many services and tools are available for free. We can even send signals to our coffee maker to make some coffee before we reach home. But while we setting up our playground, we forgot about bullies who likes to take our lunch money.
It was Christmas for the bullies because the playground was vast and walls where fragile. Attacking in cyberspace has become a very productive trade due to the fact that it controls our lives. The focus of early stage internet’s architecture was on comforts, not security. Even in the advanced (and complex) architecture we have built over the years, our modes of protection is still stuck with the random number of letters we enter before the entering a secure area, while our adversaries are like ghosts, they show up in a moment and leaves without a clue. The vastness of the cyberspace have granted them the luxury of being invisible and invincible. They are never held in court for the damage they cost. In some nations, these kinds of rules don’t even exist.
The Cybersecurity teams do not have access to Supercomputers to scan the whole internet database and pin down on one IP and say “gotcha”. And to make things worse, there is no such thing as ‘the whole database’ so that we can scan and identify. Even if the security experts block entry points to stop adversaries, they will find another way to get in. The unawareness of the end-user has always been the doorway to the intruders and until the end-users start seeing business value Cybersecurity brings to a company, we will continue to be vulnerable.