Big news this past week that U.S. President Barack Obama’s sensitive (but unclassified) e-mails were accessed by Russian hackers. It is surprising this news is surprising. The U.S. government’s unclassified network suffers from the same problems that have led to, and will continue to promote, other high-profile attacks, including those on Sony, Home Depot, etc. Despite immense expenditure on IT security, these organizations are at the mercy of well-funded, sophisticated attackers, because computing infrastructures are fundamentally flawed, due to the following “Trifecta of Death”:
- widespread use of general-purpose computers
- computers connected to the Internet
- large number of humans accessing those computers
Most enterprise computing platforms, from Windows PCs to Linux/Apache web servers, were never designed to protect against sophisticated attackers. The operating systems have poor privilege models, enabling vulnerabilities in massive middleware packages (like Flash and Java) to be exploited for total security bypass.
Any organization with a large number of…