Big, open, and active make a network thrive. Think of the telephone system, e-mail, Facebook. More users make a network more valuable, which brings more users, which brings more value. That’s the “network effect.” It has supercharged the reach and efficiency of manufacturers, financial institutions, shipping companies, power generators, and virtually every enterprise and individual connected to the Internet.
But with size, speed, and sprawl comes vulnerability. Basement-dwelling hackers, mobbed-up cyber thieves, and government-backed spy agencies specialize in network breaking and enterings. In a Monitor cover story (click here), Adam Segal, a specialist on cybersecurity at the Council on Foreign Relations, details China’s aggressive hacking of computer networks around the world. His report reveals why China feels its snooping is justified and how the United States and other nations – which do this, too, but to a different degree – are trying to counter it.
My first glimpse into the power and vulnerability of a computer network was in the early 1970s. United Press International, where I worked at the time, was replacing its clattering teletypes with computer monitors and phasing out the operators who’d punch code onto paper tape and throw manual switches to direct news and information to newspapers and radio stations. The new system was fast, quiet, and – even with honking big cathode ray tubes – seemed space-age.
One night, a few bored editors on the overnight shift began puttering around. They discovered the new system’s security flaws. Unpublished information in one news bureau could be read by people in other bureaus. News wires far away could be controlled via a few simple codes. No crimes were committed during this investigation; no business protocols were breached. But that insight has stayed with me ever since (yes, I was on that overnight shift). Networks are inherently vulnerable. The thing that makes them great – speed, distributed control, openness – is both strength and weakness. UPI tightened network security, but no network is ever totally secure.
Fast-forward through four decades of accelerating digitization of everything – electric grids, military communications, high-tech R&D – and you get an idea of what is at stake. One example: Investigators suspect that widespread blackouts in Ukraine late last year might have been triggered by Russian malware that a worker accidentally let in when he clicked on an e-mail link.
What’s to be done? It’s pretty simple, really: Be careful. As innocuous or urgent or official as a link in an e-mail may appear, think twice before clicking on it. Did the FBI or IRS or Apple ask for your password? Don’t give it up. If they are for real, they’ll get in touch another way. If, like most people, you use a credit card online, check to make sure you are entering your number on a secure site (“https” and a padlock icon are good clues).
Mainly, beware. Our networks open doors, improve decisionmaking, enhance commerce, connect us. Each user adds value. Each user is a potential way in for a hacker. Let’s be careful out there.