Vantagepoint: Cyber Security
My father used to tell stories of the wild early days of the automobile, how he and his friends would race across the roads around Kansas City. No doubt the exploits grew over years of telling, but one comment was as certain as “once upon a time” in a children’s tale: “Of course you couldn’t do that today. It’s just too crowded.”
The early days of technologies tend to be that way—the domain of adventurers. The Internet started with a few academic and government scientists and their military sponsors. Stories of those wild early days are recounted with loving detail in Where Wizards Stay Up Late: The Origins of The Internet, Katie Hafner and Matthew Lyon’s 1996 chronicle.
At first, security was mainly physical—only trusted parties had connections and access to the rooms where computers resided. Usernames and passwords provided an additional layer of protection. Today 1.7 billion users are connected, including almost 70% of North Americans (Source: www.internetworldstats.com). Yet our fundamental security systems have not advanced much over those early days—at least at the individual computer level. But behind the scenes, network and system managers at UNH are engaged in an on-going battle against an array of threats—with spam, malware, spyware among the most common.
Consider this: Industry estimates are that 80-90% of all E-mail traffic is unsolicited spam or worse. In August 2006, our central E-mail system processed just over 20 million messages. Over 40% were spam. In August 2007, we processed slightly more than 10 million messages. Just 23% were spam. The difference is not due to a sudden pang of conscience among spammers. Rather, these numbers reflect increased vigilance in filtering out messages that range from nuisance offers for fake Rolex watches to criminal fraud attempts. To put it another way, each member of the UNH community was spared about 500 “bad” E-mails this August. Unfortunately, our protective systems are not perfect. Occasionally, a good E-mail is rejected. Some bad items pass through.
Cyber security experts often note that today’s threats are no longer the work of teenage pranksters. Instead, they are the work of skilled computer experts working for organized crime. Technology can’t do the entire job of protecting us. As with life in the “real” world, a certain level of individual vigilance is necessary. I encourage each member of the UNH community to take part in October’s cyber security month activities discussed throughout this issue of Signals.
Some day I expect to sit with my granddaughters and tell stories of the early days of the Internet, how we survived without virus and spyware protection, recklessly tearing through cyberspace. “Of course,” I will tell them, “you couldn’t do that today. It’s just too crowded.”
September 25, 2007.