Have you ever had one of those dreams where you’re in a long hallway? Like at a Holiday Inn. And then when you start walking toward the end of the hallway, the end of the hallway gets further away. The end of 2020 seems to be like that for a lot of us. This has been one helluva year, and it is fully intent on going out kicking and screaming.
Now, I know most of you may think I’m referring to the election, or politics, or wearing masks, or vaccines, or any of that nonsense. I’m not. Today, I’m talking about my day job. Cybersecurity. Wait. Don’t leave. Keep reading.
Throughout all of the past year or two, cybersecurity has gone to the middle or back burner for a lot of us. Not that it was really on the front burner for anybody, but you get my meaning. However, leading up to the election, there was an increased focus on security around our election and security around our infrastructure. There is an abundance of evidence that our security of our election was good. Great, even. You can find people who disagree with that, but have yet to provide any evidence to the contrary.
However, this week, we learned of a very detailed hack was going on this whole time – but not on the election – this one was on the government infrastructure itself. I won’t bore you with the details because it is pretty boring. Just know that Russia likely infiltrated some software that thousands of companies and nearly the entire US government uses. This software allows monitoring of critical equipment, and by hacking that software, may have gained access to all kinds of stuff. The information is just breaking, so the depth is not yet known. But it looks pretty bad.
On the positive side, our election went great! On the downside, Russia might have access to everything.
This would be a great time to look for someone in charge of our critical computer infrastructure – except he got fired a couple weeks ago by the president. But don’t worry. This isn’t laying all of the blame at Trump’s feet. Because this isn’t the first time Russia has done this. It happened in the mid-twenty teens and the Obama administration wrote it off as garden variety spying, refusing to impose sanctions.
For people in the cybersecurity industry, it’s been a bad week. My point is that there is a need for leaders across the country — from the White House, to the office of the dog catcher — to either be better educated about just how dangerous our cybersecurity posture is, or get out of the way and let educated people fix it. The United States holds important information at the government and corporation level. Information that China and Russia and all kinds of other people would love to get. And, sadly, it just requires a little bit of elbow grease right now to get it. Until we get serious about stopping it, anything you save is simply as secure as posting a recipe on Facebook.
It’s more likely, however, that you stopped reading this after the first paragraph. Which is what most politicians do. “It’s computer stuff.” And therefore nobody pays attention. Nobody funds countermeasures. Nobody cares when stuff like this happens. Which makes the worst part of this column being that as bad as 2020 is, it’s going to repeat in 2021.
(Get more scary thoughts from Chris Kamler by checking out his Twitter account at @TheFakeNed)