Gongol.com Archives: November 2022
The first phase of Internet security gave users the impression that the digital world was one dominated by random attacks by bandits hiding in the shadows. In that paradigm, the best defense was to come "armed" with a gunslinging sidekick in the form of a good anti-virus program that would protect you from the random, unpredictable outlaws out in the wild. ■ The good part of this paradigm was that it encouraged antivirus makers to compete with one another on quality. Rivalries, benchmarks, and side-by-side comparisons made it possible to evaluate the best. The bad part was that it did nothing to prepare the public for the next phase of Internet security. ■ That new phase is one in which it isn't so often the hardware that gets hacked, but instead it's the people. Once a vulnerability is discovered in a piece of hardware or software, patches can be coded, distributed, and installed. But people are not so easily patched. ■ What's needed next is an adjustment in which people realize that for all the Internet does to speed up many activities, the most important reaction for many people is to know when to slow down -- when to implement two-factor authentication (which slows things down), when to wait for secondary verification of information (which slows things down), and when to pick up the phone for a call or a text message to validate that a friend or colleague really sent a convincing-looking message with an unexpected link or an attachment (which, again, slows things down). ■ We aren't good at slowing down for our own safety. But there's only so much security that can be obtained by hiring protection. A fairly substantial revision of expectations is in order. The gunslingers still have their part to play, but the vastly more wicked and complex threats of today -- attacks like spearphishing and ransomware -- put far more of the balance of responsibility on the individual connected user. And until we start to upgrade our own personal defense mechanisms as quickly as software developers can patch their programming vulnerabilities, it's going to be people who are targeted most often -- and most effectively.