Is Your Company Ready for the Next Cyber Threat?
Author: Ray A. Rothrock
Pub Date: April 2018
Print Edition: $29.95
Print ISBN: 9780814439241
Page Count: 256
e-Book ISBN: 9780814439258
Buy the book:
GETTING A HANDLE ON OUR NETWORKS
As individuals and as businesses, we rely on our digital networks to enable and amplify our greatest strengths. Even as they do this, however, they simultaneously enable and amplify our most dangerous vulnerabilities. Digitally enhanced connectivity is the mother of all double-edged swords. It opens us to unprecedented levels of opportunity and exposes us to equally unprecedented levels of risk. Were it not for digital networks, Target Corporation would likely consist of no more than a handful of stores, if it existed at all. A pickpocket might prey on a random customer, once in a while stealing a wallet. A purse snatcher might make off with the occasional purse. A strong-arm robber might force the cashier to empty her till. Whatever mishap occurred, however, would be local and limited. For both merchant and criminal, a non-networked world offers sharply limited opportunity.
Although it had invested handsomely in digital security, Target Corporation came off looking desperately clueless that 2013 holiday season. No offense to Target, but its people were even more in the dark than this step-by-step consideration of the breach suggests. For while Target thought of itself as the victim of a particular criminal attack, it was actually the victim of a global civilization so intensively networked that the most remote lives and destinies, invisible to one another, cross, interact, collide, and embrace every moment of every day. A refrigeration contractor based in Sharpsburg, Pennsylvania, opens an email attachment and infects his computer, which thereby connects the second-largest retailer in America, headquartered in Minneapolis, Minnesota, along with as many as 70 million of its customers, to predatory thieves working out of Odessa, Ukraine, on the other side of the planet. These malefactors may be part of organized crime networks linked to governments in Moscow or Kiev.
The cost to Target, banks, and credit card companies added up to hundreds of millions of dollars. The cost to individual customers? By the time Target issued a press release on December 19, 2013, Kelly Warpechowski, age twenty-three, living in Milwaukee, had already been notified by her bank that “someone in Russia had spent $900 at ‘an oil company’ using her card.” That very night, the Navy Federal Credit Union alerted Jamie Doyle, a sailor from Chesapeake, Virginia, that he was the victim of fraud. He was at sea, deployed on a Navy warship, at the time, but his wife, Tracy, went shopping the next morning only to discover that her debit card had been drained. “We were literally going in to buy our Christmas dinner, and we had no money.” Neither Target, nor Kelly, nor Jamie, nor Tracy saw the connections. How could they have?
Yet we all need at the very least to recognize that the connections exist. In his 2016 book The Seventh Sense: Power, Fortune, and Survival in the Age of Networks, consultant and author Joshua Cooper Ramo writes of how “linking our bodies, our cities, our ideas—everything, really—together introduces a genuinely new dynamic to our world. It creates hyperdense concentrations of power. It breeds fresh chances for complex and instant chaos. To follow the logic of the French philosopher Paul Virilio for a moment, ‘When you invent the ship, you also invent the shipwreck. When you invent the plane, you also invent the plane crash.’ Surely we can count on the network to invent the network accident—and many of them.” Ramo observes that the “pre-network instinct to fear Chinese! or Fear Spanish! is the wrong one. . . . Fear deflation? Fear ISIS? Fear the RMB [Chinese Yuan]? Such fear reflects a blindness. Finance, terrorism, and currency change when they are connected. It’s the network we should be nervous about.”
Yes! Target should have been “nervous about” their network. Yet when they were warned, not once but twice, that intruders were in their house, they did nothing. If an intruder had walked in the front door of a Target store, strolled through a checkout lane, and held up a POS, they would at least have called the cops. Why did they ignore alarms that detected a cyberintruder? According to cyber-security experts The Daily Mail interviewed in 2014, Target is routinely “bombarded with alerts. They get so many that they just don’t respond to everything.” In fact, as The Daily Mail pointed out, the FireEye software Target used “has a function that automatically deletes malicious software, but it had been turned off by Target’s security team before the hackers’ attack.” This is what “the vast majority” of FireEye’s users do because there are so many false positives. An “automated” security system requires “love and care and feeding,” according to the experts the British newspaper talked to. “You have to watch it and monitor it.”
Excerpted from DIGITAL RESILIENCE: Is Your Company Ready for the Next Cyber Threat? by Ray A. Rothrock. Copyright © 2018 Ray A. Rothrock. Published by AMACOM Books, a division of American Management Association, New York, NY. Used with permission. All rights reserved. http://www.amacombooks.org.
Search the full text of this book
Search Full Text of
For single copy purchases of any AMACOM title, you can connect directly to the online retailer of your choice, from the list below, to buy the title you have selected. Most of our links will take you directly to that title on the site, making your shopping experience easier. You can also visit your local retailer, and if the book is not on their shelves they can special order it for you.
Retailers: Please contact us to change or add a listing.
Buying in Bulk?
We have very competitive discounts starting at 5 copies, as well as personal service, for bulk orders. Simply contact our Special Sales Department. Call 800-250-5308 or 212-903-8420 and ask for Special Sales. You can also email: SpecSlsWeb@amanet.org