Today I was reading several different articles about cyber-terrorism which explained how our nations infrastructure is in danger. You see, terrorists may or may not be interested in attacking the internet or using the internet as an attack method. Personally, I believe that attacks through the internet will not appeal to most terrorists. These scum (and I apologize to all scum everywhere for the comparison) are more interested in big explosions and massive destruction.
These articles were a little alarming to me, however, because they all pointed out an interesting fact. There is simply too much data available for anyone to see on the internet.
This is not a new problem - it's been known for years and various publications and agencies have occasionally pointed out the issue. Unfortunately, many people did not get the message.
More specifically, it's important to understand what needs to be publicly available on the internet and what is not needed at all. It's shear folly to place floor plans, wiring diagrams and other similar data on the public network as (a) this information is not really needed by the public, (b) it does not need to be made available to criminals and terrorists.
Another issue that's a problem is actually providing control capability from publicly available networks. Think about this: is it really important to provide the control systems for, say, a water district (open dams and pump water) as functions on the internet? Even though these are password protected, is it really wise? Are these things that you want any public to be able to get to at any time?
Did you know that you can get floor plans for many government buildings, wiring diagrams of water districts and security plans for various organizations right off the internet without even trying very hard? As it turns out, government web site are in even worse shape - you can get so much information from these sites that it boggles the mind.
Is it really necessary to be able to get birth certificates, for example, right on the public internet? While it might be convenient, I think that this kind of information is should be given slowly via snail mail or perhaps even a trip to the county hall of records. There is an inherent defense in keeping data off the internet all together.
The point is really simple. Individuals need to use discretion in what they put in the internet to prevent criminal acts such as identity fraud. Companies should never publish sensitive data of any kind that can be accessed from the internet simply to protect their own trade secrets and value. And, of course, utilities and government organizations survived just fine for hundreds of years without the internet - and I don't see any real need for them to all make everything available at all times.
We don't need to help terrorists and criminals do their missions, after all, do we?
Connect with me
Unless otherwise noted, all photos and text is Copyright © Richard G Lowe, Jr.