blog Crikey columnist Bernard Keane has developed a nasty habit for pouring cold water all over ‘cybersecurity’ experts and government spin-doctors, who have constantly hyped-up perceived IT security dangers and Internet attacks into the kind of “cyberwar” scenarios that IT security vendors have wet dreams over. We’re sure ASIO, the Defence Signals Directorate and a bunch of other G-Men in black will be over shortly to arrange Keane’s compulsory education campaign. Better encrypt that data, Bernard — I’m sure ASIO would love to have a trojan keeping watch on your iMac. In the meantime, Keane’s still pumping out doubt-filled copy on this issue. The latest deconstruction is of the over-hyped Four Corners report last night (what else) that claimed a major breach of ASIO’s building blueprints. Probably Keane’s hero paragraph (we recommend you click here for the whole piece):
“The only solid material to emerge from the report was what anyone who works in IT already knew: some companies and government departments fail to do the basics of IT security, from using decent passwords (or at least change them from the factory default), keeping up-to-date with software patches, and not having confidential material on publicly-available servers. This is less “cyberwar” than the equivalent of leaving your front door unlocked so opportunist thieves rob you instead of going somewhere a little easier.”
We couldn’t agree more. This kind of basic IT security failure is the kind of issue which Australian Governments have consistently fallen prey to — not sophisticated ‘cybersecurity attacks’, but simple rootkits and emailed trojans, usually with no real nefarious purpose apart from adding additional machines to a botnet. AFR columnist Chris Joye, who appears to have no real experience in the IT security field, can wax lyrical all he likes about the so-called “Internet wars” going on at the moment. But as Keane points out, much of this whole debate is just fluff and hot air. Hardly surprising, is it, when most of those involved in the conversation have zilch in the way of technical qualifications.