Cybersecurity must be open, replaceable
Late last month the Internet was brought to a grinding halt due to a distributed denial of service (DDoS) attack launched from millions of infected web-attached devices. And in international news, US officials formally accused Russia of attempting to subvert the US elections via hacking.
I spent eight years fighting pay TV hackers for broadcasters such as DirecTV, BSkyB, and STAR TV back when I worked at News Digital Systems, and during that time, I learned a few things about cyber security that I believe are relevant today:
1. Hackers have budgets and business plans. Hollywood has taught us to think of hackers as misfit socialists and lonely anarchists out to destroy our capitalistic society. Nothing could be further from the truth. Hackers have business plans, and they hack systems that will make them the most money. In the pay TV world, this means the more viewers a broadcaster attracts, the more likely that broadcaster is to be hacked. It costs a lot of money to hack a system – it requires many man-years of effort as well as millions of dollars of sophisticated equipment. A broadcaster like DIRECTV, with over 20 million subscribers, is a large enough target to justify the up-front investment.
2. The newer a system is, the less secure it is. When a system is initially designed, it inevitably has security flaws, because system architects seek to build a system that works and do not think like hackers, looking for holes in system security. It takes time for security holes to be discovered and closed. This means newer platforms, like operating systems for Web cameras or microcontrollers that run connected cars, are more likely to have security flaws than more mature platforms like Windows for PCs.
3. The weakest link in security is people. Long before there was cyber crime, there were con men who knew how to trick people out of their money. In the computer era, nothing much has changed. The weakest link in any security system is people who can be tricked into giving up their passwords and other sensitive information. The only fix for this is constant education for your users so they can identify and thwart this kind of attack.
4. Fighting hackers alone is a losing battle. Suppose your company has developed a software product that is an attractive target for hackers. You may have dozens of bright engineers working for you, looking for potential security breaches and closing them as soon as they are discovered. But look at the force they are trying to stop – thousands of experienced hackers across the world working with large budgets and state-of-the-art equipment. It’s an inherently unfair fight — one that your company cannot possibly win, no matter how many clever engineers you hire. As The Art of War explains, because you are playing defense, you have to be strong everywhere, while the hackers, playing offense, only need to be strong in one focused area.
5. The open source community can help. Fortunately, you do not have to fight the hackers alone — you can enlist your own army of thousands of clever engineers: the open source community. At first this sounds like a paradox. How can revealing a secret to everyone make it more secure? But security is not the same as secrecy, because motivated hackers can break any security system based exclusively on a secret, either by social engineering or reverse engineering. In fact, secrecy is a terrible way to achieve security, because it means only a few people have thought through the security mechanisms. True security is based on having thousands of smart people pick apart your security design to find and fix the flaws before hackers can discover them. The open source community is ready, willing, and able to contribute, and they have an excellent track record. For example, the AES encryption algorithm, which is the gold standard for computer security, was designed and debugged in an entirely open process involving the world’s finest cryptographic minds to ensure its resilience and reliability.
6. Security must be replaceable. Assume that, if the price is right, your system will be hacked. Take a lesson from the Great Wall of China – eventually the invading hordes will get through. The only solution is to design the system so that the security can be replaced once it is hacked. For web-based systems, this is fairly easy, since the security algorithms exist in software on a central web server that you can easily update. For pay TV systems, security algorithms are encoded in hardware and software on a smart card that is inserted into the TV set top box. When the system is hacked, the broadcaster can simply replace the smart card, which sends the hackers back to square one, trying to break a brand new combination of security hardware/software. There is no knock-out punch in cyber security – it’s a constant cat-and-mouse game, and replaceable security gives you the agility you need to stay one step ahead.