I listened to an excellent podcast recently between MIT computer scientist Lex Fridman and cybersecurity expert Nicole Perlroth about the growing threat of cyber attacks.
I had a few takeaways from this episode that I thought I would share here.
- Firstly, over the past few years, cyber attacks have becoming increasingly sophisticated, larger in scale, and more frequent. Just looking at recent history, we can see that this growth hasn't been linear: it seems we've been experiencing an exponential rise in security breaches in the digital space by every metric (ie. size, frequency, sophistication).
- Secondly, there are no parallels with here with nuclear weapons. Firstly because there's an attribution problem when it comes to cyber attacks: nation states can sponsor non-state groups to carry out cyber attacks on corporations, governments, or critical infrastructure. It's not always simple to tell where the attack came from or who initiated it. This is radically different from a missile being launched from x place and landing in y place. Secondly, because of their distributed nature and low entry requirements: cyber attacks can come from anywhere and anyone with access to the internet.
- Thirdly, we need to assume the worst. Assume your information is out there and you've already been hacked. Also assume that in any major geopolitical conflict, there's a risk of cyberwarfare escalating and resulting in the shutting down of infrastructure. State sponsored cyber attacks can quite possibly turn the lights off and shut down the internet, so be prepared.
As we push deeper into the 21st Century, it seems like all of these problems are only going to escalate. Cyber attacks are an efficient and effective weapon for both state and non-state actors to deploy. As more and more of our society becomes digitized and connected, we become increasingly exposed.
The chances that anyone reading this makes it through the next decade without experiencing some sort of cyber attack or ransomware attack that causes a major inconvenience is extremely small.
So this is a basic reminder for me, and one I think it's worthwhile passing on as well: turn on two-factor authentication, backup any data that you can't afford to lose, and act online as though you've already been hacked (this way, if/when it does happen, it's not a big deal).
I think I'll consider picking up Nicole Perlroth's book on cyber security in the near future.
If you're interested, the full podcast is here: