A couple weeks ago I had something to say about the likely insecurity of 5G mobile networks. I mentioned that the virtualization and ‘softwarization’ of everything was growing the ‘attack surface’ available to both state and non-state actors by leaps and bounds, as well as creating an IT ‘monoculture’ especially susceptible to widespread attack.
As if to provide a demonstration, there have been news stories all week about hackers (supposedly Russian) breaking into government and commercial networks. The unwitting backdoor for this monumental intrusion, an IT company called Solar Winds, reckons that up to 18,000 of its customers have been affected. That’s a lot of networks.
Oh, and the hackers seem to have had access to their victims for six months or longer. Which is long enough to install more backdoors they can activate later, long after we think we’ve cleaned up this mess.
Every networked system based on the scaling up and replication of functions in software is vulnerable to a determined attack.(My new mantra.)
If the launch codes are kept on a server somewhere, they’re probably on someone’s thumb drive right now.
Just kidding. I’m sure they’re safe.