The CP ricochet column: IT security seems overwhelmed
Maybe it’s just me, whenever I see a shadow of Edward Snowden and the NSA’s Prism logo flashing on every so-called vulnerability. Or is it because there are more and more of these gaps and no one is wondering where they all come from? It doesn’t seem to matter where the hardware and software comes from, whether it’s from the USA or China, Great Britain, the EU or Russia – there are always “gaps”.
Ever since IT began believing that the cloud was a cheaper solution than an on-premises server, backdoors and thus attacks from outside have continued to increase and are supplemented by new risks. Never since the beginning of digitization has the number of attacks been as high as it is today – and the trend is rising. Neither the state nor providers want to accept that IT has not become more secure with the cloud. On the contrary, laws similar to the “Patriot Act” are being enacted worldwide, which require gaps in software and hardware in order to hack foreign systems “in the name of security”.
Discussion round on the topic “Zero Trust”
The most recent example is the Pegasus software, which has been known for years but has hardly been discussed until recently. It takes on smartphones from Android to iOS and is presumably also used by the BKA. If it weren’t for journalists or organizations like Amnesty International, who knows if we would have reported on it at all. And Pegasus is not the only cyber weapon used by governments against journalists and critics from their own populace.
Without the cloud, Darknet and digital money, the sabotage of public institutions and companies would not be possible to the known extent. Whether it is domestic, foreign or criminal extortion is less relevant for those affected – but not for democracy and society as such. What attackers will be able to do in an over-digital world goes far beyond even Orwell’s dystopian “1984”.
Sensitive data, whether private or from companies, must be secure, encrypted like in a safe and not freely available on the dark web. External access to this data should only be possible via lines that are tap-proof. Providers who cannot or do not want to guarantee this should be denied market access.
No, the desire for fast internet, work and consumption around the clock, which is always generated, is no reason to keep all doors and windows open to data thieves. Even if corporations and secret services want it.
See you soon, your ricochet!
The ChannelPartner author “Querschläger” is a specialist retailer from Rhineland-Palatinate. All comments of the CP “ricochet” can be found in the “ricochet” archive.