Many Eccentric readers may have received in the past fictitious emails from specious sources in countries such as Nigeria soliciting your investment funds. These are a thing of the past, together with fictional emails from your best friend in some far away country who has lost all to theft and needs you to send funds urgently. These types of internet fraud are dinosaurs compared with the sophistication of current cyber attacks, though note that these precursors were predicated on the initial theft of your and others email addresses. The Equifax credit bureau attack was massive, executed by cybercriminals, and ransomware hackers demand money to unlock files, estimated at $2 billion in 2017. Compromised business email scams cost approximately $9 billion last year. Viruses have infected most readers’ computers, such as the notorious Not Petya and Bad Rabbit. Today attacks are state-sponsored, state sponsor surrogates (most often from disparate locations), organized criminal hackers, or ill-intentioned individual hackers, many with serious mal intent. Does all this affect Eccentric readers? The answer is a resounding “Yes”. Most readers live and breathe as individuals, as families, and in the workplace, by internet connections, whether via cell phone, a personal computer, or perhaps a more complex computer network at work. Without secure uninhibited internet communications the very nature of contemporary life is challenged. Almost everything that most of us do has internet connectivity. The key problem with cyber attacks is that they are all, without exception, discovered “after the event”, and this is in spite of password protection, encryption, and other means of electronic authentification. The cost of disruption, loss of information, whether personal data or intellectual property, and the time and cost to repair damage, is massive. State-sponsored cyber attacks rely not just on large armies of highly trained cyber attackers, but also robotics that is operating at machine speeds unthinkable less than five years ago. We all live within global networks that are dependent on service providers who are vulnerable. For example, one weak link in a local area network (LAN) or even within a so-called highly secure point-to-point data communications system leads to exploitation. The theft of personal information and technical intellectual property comes at a huge cost to the US economy and national security in a much wider sense than traditional definitions of threats to the US. For example, readers should be aware that the majority of global data communications is via undersea fiber cables at light speeds and data rates that were unimaginable a decade ago. The US and the UK together no longer dominate the undersea cable domain. The Chinese have moved in surreptitiously and as the world’s data demands grow exponentially so is Chinese investment in data communications and control of markets. The Department of Defense (DOD) alone has about half a million routers. The DOD total global network is larger than the worldwide web. Software failures and vulnerabilities, chip malfunctions, design faults, and implants can cause massive disruption. At a personal level readers’ healthcare and financial data are exploitable. At a local and regional level critical infrastructure is vulnerable. At a national level recent events show that elections can be exploited by a range of devious means. As you read this article millions of robotic attacks are occurring constantly, hitting vulnerable systems at machine speeds. The “insider threat” adds to this technical complexity, where employees with systems’ accesses exploit vulnerabilities for financial gain, or, as in the case of Edward Snowden, for betraying our nation’s secrets and intelligence operations. Readers will naturally ask, “Well, I understand the problem, but what can I do, when service providers are failing to protect my personal data?” First, make sure your malware detection system/software for your computer and office/business systems has detection capabilities that predict hackers’ actions and has constantly updated encryption that will beat the latest known hackers’ tools. It is pointless paying good money for software that fails to protect and is dependent on post-attack forensics and patches. Be aware that many legacy systems, such as older WINDOWS, are highly vulnerable to backdoor traps exploited by hackers because there are zero inbuilt capabilities to perform real-time diagnostics. At the strategic level our nation has to accept that the “Fortress Model” adopted by US government departments and agencies has failed, relying on password protection, other authentification, and encryption, that has ignored the total system vulnerabilities at the global level. What is required is a new generation of “Alan Turings” (the World War Two Bletchley Park computer and code-breaking genius) to create the capabilities that will both enable readers to operate their systems with 100% security while still enabling US manufacturers to sell products globally that cannot be exploited by deconstruction and the usual technology mirror-imaging. This is all possible. We have the brain power in the US. It does not require an army of computers scientists, but a small highly capable elite cadre of mathematicians and computer scientists who are in a class of their own. They are out there. I possess two shameful letters from various agencies of the US government informing me that all my vital personal information embodied in my government clearance data was stolen. This will persist unless we all pressure our political leaders and representatives to invest in innovation before our nation is held total hostage to new threats the like of which we have not experienced. This is not scaremongering. If a burglar is knocking at your door to see if anyone is at home you take all and every precaution to protect your home. Regard your electronic devices in the same way, except that the burglar may be using not just multiple means to gain access, but may already be inside stealing your data. My advice for highly personal data documents, particularly anything with your most critical financial data, is to buy a modest low cost laptop that you “never, ever connect to the Internet”. Keep this machine at home and transfer data from it using a thumb drive or by hard copy hand delivery, or mail. I am confident that we have the brains in the US to negate these measures in due course. Meanwhile, be vigilant. Editor’s Note: Dr. Wells has over 50 years experience working for British & US Intelligence. In 2017 he delivered the commemorative Keynote Address before a distinguished gathering of the Five Eyes community to mark the 100th anniversary of the Zimmermann Telegram, an early and brilliant exploitation of communications. He works with a special US-UK group on cyber defense.

Previous articleEarth Day 2018 – Water World
Next articleAsk a Council Member