I read a lot of folks, some of whom I agree with, some not, and some that I agree with sometimes and sometimes not. In this case, not so much with these folks, but with a guy named Bruce Schneierwho likens articles like this to hype and hysteria (not a literal quote). While he frequently feels that discussions about a "cyber Pearl Harbor" are overdone, that the threat isn't that severe, I don't share his complete disregard. I don't disagree that there is a lot of alarm being raised by folks who have something to gain from the fear, but that doesn't mean that there isn't a big threat.
This particular article has a lot of "may" and "could be" sprinkled throughout. It does address issues that are true, there have been some particularly severe infestations of networks that went on for years before being detected. The attacks are getting much more sophisticated. The article mentions the recent advice to turn off or disable Java in your systems.
For those within the cyber security industry, "Duh". We've been using separate browsers for years now, one with Java installed for those sites that we regularly have to use that require Java to be enabled.
And our other browser, the one we use for normal surfing the web, without Java in it. And neither browser is Internet Explorer.
Firefox. Chrome. Opera.
This particular article slings phrases like "cyber violence" and "cyber 9/11" looking to spook folks. Phrases just loaded with strong imagery designed to instill fear in the readers. Yeah, there is stuff happening, there has been for years. Yeah, it's getting sneakier. Yeah, lots of folks do the equivalent of leaving their front door open, their back door open, leave their wallets on the front steps, and so on.
This article is beingusedas an example of how pervasive this cyber threat is. They talk about how the U.S. financial system is being targeted, then using an example of a distributed denial of service (DDoS) attack to make their point. A DDoS is where a lot of computers are directed to ask the bank's web server to send them a copy of the bank's home page.
Think supply and demand. When too many folks mob something looking for more of it than is on hand, some do without.
In this case, normal customers that are trying to do their banking business with the bank either may not be able to reach it or experience slow response from the bank site. In cases like this, this is considered a damaging attack because customers are being inconvenienced. More so if they actually cannot get through.
However, a physical version would be a large crowd of people swarming the ATM that you usually use. You are denied access to it while they're swarming it, but the bank is not going down.
In the cyber case, the bank may not be able to put up another ATM, but it hasn't failed nor been compromised. With experience, the bank will learn how to deal with this type of attack to minimize the impact to their operations and the customer experience.
But, cyber violence it isn't.
Neither is it a cyber 9/11.
There is a threat. We do need to take it seriously.
But let us not equate what is really only a cyber flash mob and its effects withresults like this.
20 years in Special Forces doing a number of things in a number of places. Comfortable with a ruck and a weapon whether at 30,000 ft or on the ground. Old enough to know better but young enough to still want to do it. My children and wife keep me young.