Could the Internet be the next ‘failed state’?

If you think the Internet can go on being just like it is, here's some bad news. In the New York City of the late 1970s, things looked bad. The city government was bankrupt, urban blight was rampant, and crime was high. But people still went to the city every day because that was where everything was happening. And despite the foreboding feelings hanging over New York at the time, the vast majority of those people had at most minor brushes with crime.

Today the Internet looks a lot like 1970s New York City. Low-level crime remains rampant, while increasingly sophisticated crime syndicates go after big scores. There is a cacophony of hateful speech, vice of every kind and policemen of various sorts trying to keep a lid on all of it—or at least, trying to keep the chaos away from most law-abiding citizens. But people still use the Internet every day, though the ones who consider themselves "street smart" do so with varying levels of defenses installed.

The recent rash of major breaches of corporate networks, including the theft of personal information from the health insurer Anthem and the theft of as much as a billion dollars from over 100 banks are symptoms of a much larger trend of cybercrime and espionage. And while the issue has been  again been raised to national importance by the White House, it could be argued that governments have done more to exacerbate the problem than address it. Fears of digital warfare and crime are shifting budget priorities, funding the rapid expansion of the security industry and being used as a reason for proposals for new laws and policy that could reshape the Internet.

The alternative futures for the Internet are not pretty. In presentations at multiple security conferences, it was suggested that the Internet could “start to look like Somalia”—a failed state where security is impossible, going about daily life is hazardous, and armed camps openly wage war over the network.

This analysis has been reinforced by events over the past two years: record data breaches, zero-day vulnerabilities released that affected a preponderance of Internet services, and visibility into the vast state surveillance of the Internet. The Internet has been “weaponised,” not just by the NSA and its foreign counterparts but, by other states and Internet crime organizations. A thriving market for vulnerabilities attracts the bright and ambitious to work on discovering "zero days" for profit.

Five years ago, Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council of the United States, was on a team advising the Department of Defense about the structure of its future IT workforce. To do that, the team needed to understand what the networked world would look like in the next decade. Healey was researching the issue, and he started to look at scenarios where “maybe the future is going to look very different from the past,” he said. “Attackers have had an advantage for 35 years—what if that relationship is going to shift?”

The potential answers Healey found were presented in a 2010 paper. He further refined them in a 2011 article in the Georgetown Journal of International Affairs called “The Five Futures of Cyber Conflict and Cooperation.” The most optimistic and least likely of Healey’s scenarios was a “cyber paradise," he told Ars. "Defense is way better than offense—you’d have to be really amazing, like the NSA or KGB, to get anything done as an attacker.” But as he looked at trends, he realized that maybe the classic relationship above wouldn't be shifting. “It’s way more likely that it’s going to go in the other direction—that offense is going to have a significantly larger advantage than it does now.”

In the long run, the security and safety of the Internet is going to only be solved by technology, not laws. Internet Protocol version 6 was supposed to solve many of these problems, but most of the world is still on IPv4; Windows as a service may fix many computers, but there are still millions running Windows XP.

There's only one thing that's guaranteed at this point: the computer security community won't be facing a job shortage anytime soon.

http://arstechnica.com/information-technology/2015/02/fear-in-the-digital-city

« Memex – The new search tool for the Deep Web
Snowden Ready to Return to the US 'if he can get a fair trial' »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

SQA Service

SQA Service

SQA Service provide independent software and process Quality Assurance services.

EIT Digital

EIT Digital

EIT Digital is a leading digital innovation and entrepreneurial education organisation driving Europe’s digital transformation. Areas of focus include digital infrastructure and cyber security.

DirectDefense

DirectDefense

DirectDefense is an information security services and managed services provider.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

VerSprite

VerSprite

VerSprite is a specialist information security consulting firm. We provide organizations with detection across all their attack surfaces and deliver critical insight into all possible attack methods.

Solidified

Solidified

Solidified is the largest audit platform for smart contracts. Our community has the highest concentration of top Blockchain security specialists and best-in-class code auditors.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

Flix11

Flix11

Flix11 is a Cyber Security & ICT Solutions focused company. We provide a range of products and services in Cyber Security, Internet of Things (IoT) and infrastructure solutions.

Guidehouse

Guidehouse

Guidehouse is a leading global provider of consulting services to the public and commercial markets with broad capabilities in management, technology, and risk consulting.

Hong Kong Broadband Network (HKBN)

Hong Kong Broadband Network (HKBN)

HKBN are a leading integrated telecom and technology solutions provider that offers a comprehensive range of premier ICT services to both the enterprise and residential markets.

Atakama

Atakama

With Atakama, data remains encrypted until the very moment it is used, and the ability to decrypt is based on zero trust architecture.

Computer Services Inc (CSI)

Computer Services Inc (CSI)

CSI is a leading fintech, regtech and cybersecurity solutions partner operating at the intersection of innovation and service.

Immunefi

Immunefi

Immunefi provides bug bounty hosting, consultation, and program management services to blockchain and smart contract projects.

Battery Ventures

Battery Ventures

Battery partners with talented founders and teams building category-defining businesses at all stages of growth.

Guardian Angel Cyber

Guardian Angel Cyber

Guardian Angel Cyber, is your trusted ally in safeguarding your digital assets and online presence.

RealmOne

RealmOne

RealmOne addresses the most challenging issues in the realms of defense and cyberspace, adapting to the continuously changing demands of our national security customers.