FacebookTwitterRedditEmail

In Cybersecurity, Decentralization and Diversity are Strength

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the New York Times reports, fears “ransomware” attacks against America’s voter registration systems in the run-up to the 2020 presidential election. In response, it’s launching a program that “narrowly focuses” on protecting those systems.

A laudable goal, to be sure, but should we accept the premise? It goes almost without saying that CISA, created only late last year, is casting about for ways to justify its existence and its $3.3 billion annual budget. Is this a real problem? And is CISA the organization to solve it?

Yes, “ransomware” and other types of cyberattacks are real problems. They threaten the integrity of any computer systems they target, which means any systems connected to the Internet or even accepting data from external sources like potentially contaminated flash drives (most early microcomputer viruses reached their targets when users inserted contaminated floppy disks; no Internet needed).

On the other hand, the federal government’s track record on securing its own systems, let alone anyone else’s, is remarkably poor.  Millions of Americans have had their personal information exposed in hacks of the Office of Personnel Management and other government agencies.

And on the third hand, the worst way to respond to a diffuse set of threats against a large number of systems is to centralize that response, especially in terms of requiring or encouraging the operators of all those systems to adopt the same systems and the same security measures.

Suppose that every front door of every building in the world was secured by one model of lock, made by one company. A flaw in that model of lock would be a flaw in every front door. Anyone who could exploit that flaw at a building down the street or across the country could exploit that flaw at your house too.

Or suppose that every variety of vegetable had one genetic weakness that allowed a particular blight to infect it. Once that blight hit your neighbor’s tomatoes, it could easily jump to your bell peppers and your neighbor’s cucumbers.

The world’s computing power is already far less diverse than you might think. It’s dominated by a few processor architectures, a few operating systems, a few server software packages, a few browser engines.

That’s convenient, even necessary, to the increasingly automated and interconnected world we’ve created over the last 30 years or so. But it’s also a source of vulnerability — vulnerability we shouldn’t compound by centralizing cybersecurity solutions under a federal agency’s leaky umbrella.

Our state and local election systems are safer to the extent that an attacker has to find 50 or 500 different ways to hack 50 or 500 of those systems, instead of one way to hack them all.

More articles by:

Thomas L. Knapp is director and senior news analyst at the William Lloyd Garrison Center for Libertarian Advocacy Journalism (thegarrisoncenter.org). He lives and works in north central Florida.

bernie-the-sandernistas-cover-344x550
September 17, 2019
Mario Barrera
The Southern Strategy and Donald Trump
Robert Jensen
The Danger of Inspiration in a Time of Ecological Crisis
Dean Baker
Health Care: Premiums and Taxes
Dave Lindorff
Recalling the Hundreds of Thousands of Civilian Victims of America’s Endless ‘War on Terror’
Binoy Kampmark
Oiling for War: The Houthi Attack on Abqaiq
Susie Day
You Say You Want a Revolution: a Prison Letter to Yoko Ono
Rich Gibson
Seize Solidarity House
Laura Flanders
From Voice of America to NPR: New CEO Lansing’s Glass House
Don Fitz
What is Energy Denial?
Dan Bacher
Governor Newsom Says He Will Veto Bill Blocking Trump Rollback of Endangered Fish Species Protections
Thomas Knapp
Election 2020: Time to Stop Pretending and Start Over
W. Alejandro Sanchez
Inside the Syrian Peace Talks
Elliot Sperber
Mickey Mouse Networks
September 16, 2019
Sam Husseini
Biden Taking Iraq Lies to the Max
Paul Street
Joe Biden’s Answer to Slavery’s Legacy: Phonographs for the Poor
Paul Atwood
Why Mattis is No Hero
Jonathan Cook
Brexit Reveals Jeremy Corbyn to be the True Moderate
Jeff Mackler
Trump, Trade and China
Robert Hunziker
Fukushima’s Radioactive Water Crisis
Evaggelos Vallianatos
The Democrats and the Climate Crisis
Michael Doliner
Hot Stuff on the Afghan Peace Deal Snafu
Nyla Ali Khan
Spectacles of the Demolition of the Babri Masjid in Uttar Pradesh and the Revocation of the Autonomous Status of Kashmir
Stansfield Smith
Celebrating 50 Years of Venceremos Brigade solidarity with the Cuban Revolution
Tim Butterworth
Socialism Made America Great
Nick Licata
Profiles in Courage: the Tories Have It, the Republicans Don’t
Abel Prieto
Cubanness and Cuban Identity: the Importance of Fernando Ortiz
Robert Koehler
Altruists of the World Unite!
Mel Gurtov
Farewell, John Bolton
Weekend Edition
September 13, 2019
Friday - Sunday
Paul Street
The Age of Constitutional Coups
Rob Urie
Bernie Sanders and the Realignment of the American Left
Anthony DiMaggio
Teaching the “War on Terror”: Lessons for Contemporary Politics
Jeffrey St. Clair
Roaming Charges: They Are the Walrus
T.J. Coles
Jeremy Corbyn: Electoral “Chicken” or Political Mastermind?
Joseph Natoli
The Vox Populi
Sasan Fayazmanesh
The Pirates of Gibraltar
John Feffer
Hong Kong and the Future of China
David Rosen
The Likely End to Roe v. Wade?
Ishmael Reed
When You Mess With Creation Myths, the Knives Come Out
Michael Hudson
Break Up the Democratic Party?
Paul Tritschler
What If This is as Good as It Gets?
Jonah Raskin
Uncensored Tony Serra: Consummate Criminal Defense Lawyer
Ryan Gunderson
Here’s to the Last Philosophes, the Frankfurt School
Michael T. Klare
The Pompeo Doctrine: How to Seize the Arctic’s Resources, Now Accessible Due to Climate Change (Just Don’t Mention Those Words!)
Luke O'Neil
I Would Want To Drink Their Blood: God Will Punish Them
Louis Proyect
The Intellectual Development of Karl Marx
FacebookTwitterRedditEmail