FacebookTwitterRedditEmail

In Cybersecurity, Decentralization and Diversity are Strength

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the New York Times reports, fears “ransomware” attacks against America’s voter registration systems in the run-up to the 2020 presidential election. In response, it’s launching a program that “narrowly focuses” on protecting those systems.

A laudable goal, to be sure, but should we accept the premise? It goes almost without saying that CISA, created only late last year, is casting about for ways to justify its existence and its $3.3 billion annual budget. Is this a real problem? And is CISA the organization to solve it?

Yes, “ransomware” and other types of cyberattacks are real problems. They threaten the integrity of any computer systems they target, which means any systems connected to the Internet or even accepting data from external sources like potentially contaminated flash drives (most early microcomputer viruses reached their targets when users inserted contaminated floppy disks; no Internet needed).

On the other hand, the federal government’s track record on securing its own systems, let alone anyone else’s, is remarkably poor.  Millions of Americans have had their personal information exposed in hacks of the Office of Personnel Management and other government agencies.

And on the third hand, the worst way to respond to a diffuse set of threats against a large number of systems is to centralize that response, especially in terms of requiring or encouraging the operators of all those systems to adopt the same systems and the same security measures.

Suppose that every front door of every building in the world was secured by one model of lock, made by one company. A flaw in that model of lock would be a flaw in every front door. Anyone who could exploit that flaw at a building down the street or across the country could exploit that flaw at your house too.

Or suppose that every variety of vegetable had one genetic weakness that allowed a particular blight to infect it. Once that blight hit your neighbor’s tomatoes, it could easily jump to your bell peppers and your neighbor’s cucumbers.

The world’s computing power is already far less diverse than you might think. It’s dominated by a few processor architectures, a few operating systems, a few server software packages, a few browser engines.

That’s convenient, even necessary, to the increasingly automated and interconnected world we’ve created over the last 30 years or so. But it’s also a source of vulnerability — vulnerability we shouldn’t compound by centralizing cybersecurity solutions under a federal agency’s leaky umbrella.

Our state and local election systems are safer to the extent that an attacker has to find 50 or 500 different ways to hack 50 or 500 of those systems, instead of one way to hack them all.

More articles by:

Thomas L. Knapp is director and senior news analyst at the William Lloyd Garrison Center for Libertarian Advocacy Journalism (thegarrisoncenter.org). He lives and works in north central Florida.

Weekend Edition
August 14, 2020
Friday - Sunday
Matthew Hoh
Lights! Camera! Kill! Hollywood, the Pentagon and Imperial Ambitions.
Joseph Grosso
Bloody Chicken: Inside the American Poultry Industry During the Time of COVID
Jeffrey St. Clair
Roaming Charges: It Had to be You
H. Bruce Franklin
August 12-22, 1945: Washington Starts the Korean and Vietnam Wars
Pete Dolack
Business as Usual Equals Many Extra Deaths from Global Warming
Paul Street
Whispers in the Asylum (Seven Days in August)
Richard Falk – Daniel Falcone
Predatory Capitalism and the Nuclear Threat in the Age of Trump
Paul Fitzgerald - Elizabeth Gould
‘Magical Thinking’ has Always Guided the US Role in Afghanistan
Ramzy Baroud
The Politics of War: What is Israel’s Endgame in Lebanon and Syria?
Ron Jacobs
It’s a Sick Country
Eve Ottenberg
Trump’s Plan: Gut Social Security, Bankrupt the States
Richard C. Gross
Trump’s Fake News
Jonathan Cook
How the Guardian Betrayed Not Only Corbyn But the Last Vestiges of British Democracy
Joseph Natoli
What Trump and the Republican Party Teach Us
Robert Fisk
Can Lebanon be Saved?
Brian Cloughley
Will Biden be Less Belligerent Than Trump?
Kenn Orphan
We Do Not Live in the World of Before
Kollibri terre Sonnenblume
Compromise & the Status Quo
Andrew Bacevich
Biden Wins, Then What?
Thomas Klikauer – Nadine Campbell
The Criminology of Global Warming
Michael Welton
Toppled Monuments and the Struggle For Symbolic Space
Prabir Purkayastha
Why 5G is the First Stage of a Tech War Between the U.S. and China
Daniel Beaumont
The Reign of Error
Adrian Treves – John Laundré
Science Does Not Support the Claims About Grizzly Hunting, Lethal Removal
David Rosen
A Moment of Social Crisis: Recalling the 1970s
Maximilian Werner
Who’s Afraid of the Big Bad Wolf: Textual Manipulations in Anti-wolf Rhetoric
Pritha Chandra
Online Education and the Struggle over Disposable Time
Robert Koehler
Learning from the Hibakushas
Seth Sandronsky
Teaching in a Pandemic: an Interview With Mercedes K. Schneider
Dean Baker
Financing Drug Development: What the Pandemic Has Taught Us
Greta Anderson
Blaming Mexican Wolves for Livestock Kills
Evaggelos Vallianatos
The Meaning of the Battle of Salamis
Mel Gurtov
The World Bank’s Poverty Illusion
Paul Gilk
The Great Question
Rev. Susan K. Williams Smith
Trump Doesn’t Want Law and Order
Martin Cherniack
Neo-conservatism: The Seductive Lure of Lying About History
Nicky Reid
Pick a Cold War, Any Cold War!
George Wuerthner
Zombie Legislation: the Latest Misguided Wildfire Bill
Lee Camp
The Execution of Elephants and Americans
Christopher Brauchli
I Read the News Today, Oh Boy…
Tony McKenna
The Truth About Prince Philip
Louis Proyect
MarxMail 2.0
Sidney Miralao
Get Military Recruiters Out of Our High Schools
Jon Hochschartner
Okra of Time
David Yearsley
Bringing Landscapes to Life: the Music of Johann Christian Bach
FacebookTwitterRedditEmail