Are Americans still in control of their own security?
Whether it is the American army, companies or the NSA, the world’s largest intelligence agency, the security of these organisations seems fragile, to say the least, at a time of hacking and industrial espionage. A new report commissioned by the US federal government provides an excellent illustration of this by revealing that defence equipment and materials are very poorly protected. Testing has made the extent of the problem clear, since some systems have vulnerabilities that could allow a hacker, even a fairly mediocre one, to enter the system in just an hour and even take control during the course of a day. If we add that the hacker’s “presence” inside the system might not be detected for another week or two, we have an idea of the potential for disaster.
Security: better performing external companies
However, what seems even stranger when reading the report is that specialised software developed by external companies is much safer than that developed internally by the Department of Defence! Moreover, the private sector could not tolerate such failures for long, as David Edelman, former secretary of Barack Obama’s cyber security specialist, reported, denouncing them. The question of money then arises in the public debate. How can we contemplate spending huge sums of money to produce weapons without guaranteeing their safety? In fact, the authorities put the media boom into perspective by arguing that the testing was carried out during the production cycle and that the loopholes have since been plugged.
Chinese flea safety questioned
What do those companies think that have recently learned that Chinese chips have, without their knowledge, been embedded in their servers and information systems to collect highly sensitive data? Because according to Bloomberg, well over 30 large companies are involved! The Chinese secret services allegedly obtained these spy microchips directly from a chip manufacturer and inserted them into the motherboards supplied to manufacturers. Supermicro, the incriminated company is defending itself even though one of its chips was found hidden in an ethernet cable attached to one of its customer’s servers. However, the share price fell by more than 40% as soon as this probable scandal was announced. However, it is important to reassure the Americans, since the Big Four, and Amazon, in particular, denies any attempt to hack into their servers, which are sometimes used to store sensitive information and not only our personal data or purchasing behaviour (as Amazon does for the CIA).
Internal security to review
It will be recalled that last year, it was the NSA that was the victim of a major cyber-attack by the hacker group “Shadow Brockers”. NSA software had found its way onto the market, and into the hands of Russian hackers, confirming Edouard Snowden’s alarmist comments, revealed by the Guardian newspaper. It seems more important for American intelligence agencies to develop new tools to attack the enemy than to ensure the protection of their own data. We can legitimately be challenged by this vision of the internal security of the most influential country on the planet. Should information security still be considered a national issue?
Should information security still be considered a national issue?
It is worth recalling that in France, the websites of 56% of companies had “serious” security breaches in 2018, according to the report presented by Wavestone to the Assises de la Sécurité security conference in Monaco! Information system security remains a crucial issue around the world, and there is no reason to believe that this can only happen to others!
To read also : Can smart cities truly be safe?