On May 12, in the wake of the hack into the Colonial Pipeline that shut off gas supplies to millions of Americans, President Biden issued his “Executive Order on Improving the Nation’s Cybersecurity.” Whether the timing was coincidental or not, the latest interference with the U.S. infrastructure so dependent upon technology found to be flawed was yet another wakeup call. The question, however, is whether President Biden’s call to action is too late
As one person who closely follows these issues wrote to me, “No matter what protection the government or private sector contractors may devise, including 2FA; Zero Trust; USB or other physical tokens; voice, facial, iris, retinal capillary, DNA or fingerprint recognition; or any-number-of-bit encryption, bad actors will always find holes in whatever security mechanisms the good guys design.”
Others speculate that even with today’s ubiquitous knowledge of cybersecurity threats, the most sophisticated software providers fall prey to their inadequate designs as demonstrated by so many “critical” Zero Day holes discovered within mere hours of a new software release. And sometimes fatal flaws are discovered many years later and not by the original designers, but by hackers. For example, numerous press reports claim that there is a fatal and irreparable flaw in Intel chips released in the past 5 years:
• 5 years of Intel CPUs and chipsets have a concerning flaw that’s unfixable
• An Unfixable Flaw Threatens 5 Years of Intel Chips
• A major new Intel processor flaw could defeat encryption and DRM protections
Despite these threats, the entire world continues an unrestrained rush to control more and more essential services on the grid. As quantum computing, AI, and Big Data initiatives continue to ramp up, it creates a double threat: First, that hackers will grow in orders-of-magnitude for faster penetration into the grid (because that’s where the money is). Second, that the increased amounts of stored data will result in the exponential increase of vulnerability and damages if hacked.
So I ask this question: Should there be connectivity on the grid with essential services? A handful of near-genius hackers can beat 1,000 average programmers every time. Those average programmers are compartmentalized to design only one small module of the million-line program and none of them see, much less understand, the Big Picture. Just because we can use ones and zeros to run our lives and provide the services we need to survive doesn’t mean we should. It remains to be seen whether President Biden’s Executive Order will make a difference and temper the insane rush to control the world from a cellphone. If we don’t come to our senses, maybe all we can do is just wait for the next, and final, wakeup call.