There is no stealth in space. You can see a rocket burn anywhere between here and past Pluto, or any object of room temperature on infrared at the same distance. You cannot hide a spaceship. It is much the same thing in cyberspace. Anyone on the internet can attack anyone on the internet.
Yet across the gulf of space, minds that are to our minds as ours are to those of the beasts that perish, intellects vast and cool and unsympathetic, regarded this earth with envious eyes, and slowly and surely drew their plans against us.
H.G. Wells, War of the Worlds
All systems on the internet are continuously under attack. Your phone, your laptop, your smart refrigerator, your nannycam that you use to watch your children — they are all targets. Some of them have already been hacked and are now drones in a botnet, unbeknownst to you.
There are many motivations for cybercrime. Sometimes people hack your system because it’s your system. Sometimes they do it because it’s a system. Sometimes they do it to use it as a tool against an entirely different target.
Motivation is important because you need to understand a threat model to defend against it. Are you defending against your own government? Are you defending against the advanced persistent threat of a different government, like Google was in 2009? Are you defending against a targeted hacker that wants to spearphish you into wire transferring your company funds to the wrong wire transfer address? Are you defending against an undiscerning hacker that wants to cryptojack your system and hold your files for ransom? Are you defending against your abusive significant other who wants to stalk and control you? The best approach for one threat isn’t right for another.
In certain circles, a lot of ink has been spilled on AI explosion, the Singularity, and so on. From my perspective, any speculation in that regard has to make unjustifiable assumptions and tends to predict the unpredictable. More importantly, I do not fret about Skynet, because the Golems are already here.
A golem is a fictional creature from Jewish folklore. It is a clay being animated by an inscription that follows directions. I’m thinking less of the mythological version and more of the modern interpretation, whether in the comic fantasy of Terry Pratchett or in the generic mythos of Dungeons and Dragons.
The internet is filled with animated hammers ceaselessly hammering. Do you run an obsolete version of some software with known security vulnerabilities? The animated hammers will break in, because there is a directory of all known instances of that software on the internet, and there is a hammer hitting each one to see if it cracks or not. When the hammer breaks into one, it uses it to send out more hammers.
Security by obscurity is increasingly impossible, because nothing is obscure. There is no stealth in space or in cyberspace. Everything has to be secure by default, because the window of time between vulnerable and hacked is ever narrowing.
We live in an age of artificial stupidity. Perhaps someday soon we’ll build a human-level artificial stupidity, an artificial general stupidity if you will. Until then, we live in a world of animated hammers.
Leo on Tech 