Hacking - the end of the internet is nigh!

A news release today by the ABC here in Austrailia has indicated that Governemnt departments are increasingly under attack from various Hacker "agent" around the globe.
ABC News Article - Hackers targeting Australian Electronic Secrets
The article makes reference to up to 20 break in attempts per day. And raises serious concerns about international cyber espionage activities.
The news cast video in the article makes interesting viewing IMO

The above refers to only known attacks or attacks that they are aware of. Many attacks would be undetectable I would imagine.

Some of the questions for me as a web designer are:

Does this mean that ultimately in a few short years the internet is going to be rendered virtually a commercial and Governmental no-go-zone, where any web presense is simply not worth the trouble of maintaining?
Even today, if one is engaged in internet activity such as posting to this forum or using various news services, the chances of your interface device whether that be a desktop, or mobile device being already infected are quite high. In fact the presumption of "infection" with malware and spyware is becoming increasingly necessary to avoid major surprises.

Does this mean that in a few short years all devices connected to the internet will have to be considered as risky and effectively unsecured devices?

Does the internet service provider (ISP) that gives you this net access needs to take more responsibility for the security of it's clients? [ As the ISP provides the gateway to your device directly]


care to discuss?

 

Log in or Sign up to hide all adverts.

I expect one day, I'll fund a dump posted online somewhere containing the secret recipes for Fosters and Vegemite.

 

Log in or Sign up to hide all adverts.

Or you will think you found it yourself, when in fact your hijacked browser took you there instead...[chuckle]

 

Log in or Sign up to hide all adverts.

i was talking to someone the otherday about our organisation implimenting electronic medical records and one of the comments made against it is the level of attacks the goverment electronic medical records have sustained. They are being atacked on a more than daily basis (which i find more disterbing than DOD or DEFAT being atacked) by high level hackers and i honestly cant see why. The records are to personal to have much use as a group, its not billing records which could be scamed its only the medical records

 

Then you haven't bothered thinking about it OR made any attempt to check it out. Selling medical records is a HUGE on-line business! A quick Google search on "selling medical records" returned over a half-million hits. Have a look for yourself: https://www.google.com/search?hl=en&output=search&sclient=psy-ab&q="selling medical records"&btnK=

 

sure but all but two of those are US, one was from australia about a doctor selling records with no names atached to marketing and another from the UK. Basically the question to be asked is what would the point be? If you think its about selling medications then you have no idea about the system here, even if you could convince a legitimate med company to use the infomation they would be arested for marketing perscription only drugs to the general public which is illegal, you cant do it here.

So the question goes back to where is the benifit? there wont be any finantial data in there, the only group who cares about a medicare number is the goverment themselves and you cant use it for marketing so what are you going to do with it?

 

One thing if you enjoy swimming, NEVER pee in the pool or where you swim will have a bright yellow hue.

Much the same can be said about "Hacking(skript-kiddie-ing) and the internet". Back in the day when Bulletin Boards were where you went to get your binaries and everybody that could access a network did so via Telnet, Hackers of the period have a chivalry code of conduct, where they knew that screwing around with the networks would just cause tighter controls to be deployed on such networks and even changes in legislation. Skript-kiddies nowadays are like older kids hanging out in a younger kids play area, defacing it with graffiti and busting up all the rides. The harsh reality is that the networks they think they are so clued up on will likely get hit by a legislative spike and all those freedoms they took for granted will just be stripped away.

In fact you could suggest that those in power want to see those hackers and skript-kiddies mess the networks up, just so they can push their legislation.

- "While Knowledge is Power; With Power comes great Responsibility."

 

I wonder though whether the notion of legislation is moot or will become moot as the internet evolves in to a seething mess or crawling, searching, hacker scripts all automated and feeding and evolving as they move through out the worlds URLS looking for lessons to lean and havoc to generate.

It strikes me as quite feasible that someone will launch a self sustaining super bug in the very near future that has the potential to literally shut down the entire web in less than 48 hours after inception and keep it shut down.

This is, or dare I say should be, a considerable worry as commercial and even legislative dependancy on a functioning web increases.

A deadly scenario:

Zero day bug: 2 billion machines infected with a super virus.
Intention of virus : shut down the entire web in a way that is virtually permanent.
Force hard drive replacement rather than reformatting. [threat of reinfection extremely high]
Force chip set replacement due to corruption of the read only data. [threat of reinfection extremely high]
Force node collapse due to DOS attacks.
Force well defended sites into isolation.
Replicate, firewall, and mirroring.
Self sustaining, self learning and self replicating, web bot generator, with out any human controls at all available.
Include mobile devices such as mobile phones and tablets in the scenario and realise that any platform with a processor [system clock for example] can be utilised as a sanctuary for such a virus.

Yep the web and mobile telephone networks are wide open to such a devious assault. The commercial losses and communications confusion would be astonomical.

The problem is that when commercial parties are considering a web presence that involves a franchise or multi point accounting and point of sale system, they now have to consider what Russian/Romanian/Chinese/American syndicated extortion means and what DOS attack extortion means and just how vulnerable they are to being shut down. There is not a single URL that is able to be protected from a concerted and prolonged Denial of servive [DOS] attack especially if it is well funded and properly strateg-ized.

 

Its easy to get carried away with worst-case scenarios, but what real evidence do we have to indicate things are headed down this path?

Cloud-based computing has helped to make failover and multiple redundancy ubiquitous and easily achievable.

The pirate bay has managed to stay highly functional despite many attempted blockings by governments and ISPs globally.

It seems to me that the availability of services and information online is higher than ever before, but with this comes an increased dependency.

I think you are right in that there is great potential for commercial losses for entities heavily reliant on the internet for operations and revenue. There are different mechanisms for mitigating this risk, but they would need to be evaluated on a case-by-case basis.