|< Day Day Up >|| |
One of the more unique twists that Baley Montag puts on cyberattacks in ExopaTerra is the method by which attacks occurred. There is certainly a large amount of hacking and illegal system access. However, the damage done with the BART system, railroad switching devices, pipeline control systems, and financial services systems is perpetrated by individuals who are trained in IT and understand exactly how to use the software on control system computers.
In the past it was generally a disgruntled insider who had enough knowledge about a system to sabotage operations. Random and even deliberate hackers may know how to access systems and damage files and impede operations. However, such damage may be relatively easy to deal with and recover from.
As terrorists become more sophisticated, and there is little doubt that they will, defenders need to prepare for the possibility that the attackers may know just as much about the system they are attacking as the defenders. The attack on the railroad system in ExopaTerra is perpetrated by a engineer in Korea who is being threatened by the loss of his family if he did not cooperate with the terrorist organization.
When financial incentives have failed, terrorists and criminals have forced many people to cooperate with them through threats of violence, blackmail, or holding family members hostage. This is not likely to change in the future. It also has rather serious implications for IT managers when products are being selected and deployed across the enterprise.
It is very important to measure, as a part of the total cost of ownership, the security that comes with a product. This translates into examining what type of security the creator of the product has for source code and client or customer records. It applies equally to service organizations that provide coding, network design or management, and security planning and implementation. It is seriously time to add trust and security to the price tag of all IT products.
|< Day Day Up >|| |