Monday, October 17, 2011
The relationship between the threat of political violence and Cybersecurity attacks
The Indian political story is markedly different from what happens in the rest of the world. Firebrand politicians make loaded statement to create divides or spur street violence to win votes by appeasing majority sentiment. The police fail to arrest these leaders fearing a mass breakdown in the law and order situation and instead arrest a few minor miscreants. This constant threat of violence ensures that leaders usually get away with actions and statements that are simply unacceptable to Indians at large.
In the security world I see a similar pattern of retribution or vigilante attacks if a business targets hackers. There are two classic examples. The first was Sony; it went after a hacker who disclosed vulnerabilities in the Playstation, and issued threats of penal actions against other who may try to compromise its products, which was swiftly followed by what we all know to be a cyber cyclone which left Sony poorer by $200 million. Later, an arrest of an alleged perpetrator of the first attack led to a follow on attack. Wikileaks was the second example; the retribution was in response to actions taken to shutdown Wikileaks and arrest Assange for the disclosure of US cables.
Businesses now face a tough decision; do they prosecute and eventually make the world a safer place or do they ignore and settle such attacks?