Content

Dangerous liaisons, new threats

It all started when the press wanted our reaction to several YouTube videos that had been posted online by Michigan parents showing a variety of people receiving medical care in Ann Arbor. These videos talked about the importance of their treatments, and they showed pictures of babies and adults on IVs, etc. They encouraged an internet protest against our state web portal in order to send state leaders a message.

At the end of the videos, a message was provided encouraging people to visit a website and download software to join the protest. An Ann Arbor News story described it this way, "Participants will be able to set their web browsers to reload — or refresh — continuously, generating an unusual number of requests for the targeted web pages."

We informed the reporter of the Michigan Penal Code which prohibits use of the internet to disrupt governmental operations. While we sympathized with their concerns and the cause of their children, we advised people against supporting this action. However, the "bad guys" claimed that these actions were breaking no laws, since the manual refresh was being done by the end-user manually and with known intentions.

So what happened? No, we didn't see an outage or even a major slow-down at Michigan.gov — this time. Our site saw about a 10 percent increase in page views over what we would expect on a typical Thursday at that time of year.

This situation raises all kinds of questions, though. What if future participants unknowingly download spyware, a virus, or become a zombie PC? What if millions of people did this to protest a war or global warming?

The military has long said that, although capabilities often take years to develop, intentions can change overnight. They note that it takes many years to build a tank or an aircraft carrier, but during that period, the enemy may change.

In other words, do we really know the cyber bad guys?

We assume we know our allies, but do we? Who can we trust in the future? Get ready for dangerous new liaisons to bring new cyberthreats.

Dan Lohrmann

Dan Lohrmann is an internationally recognized cybersecurity leader, technologist and author. Starting his career at NSA, Lohrmann has served global organizations in the public and private sectors in many leadership capacities. As a top Michigan Government technology executive for seventeen years, Dan was national CSO of the Year, Public Official of the Year and a Computerworld Premier 100 IT Leader. He is currently CSO & Chief Strategist at Security Mentor, where he advises global and local corporations and governments on cybersecurity and technology infrastructure strategies and security culture change. He has been a keynote speaker at security conferences from South Africa to Europe and Washington D.C. to Moscow.

Dan’s award-winning blog: http://www.govtech.com/blogs/lohrmann-on-cybersecurity/
CSO Magazine articles: http://www.csoonline.com/author/dan-lohrmann

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.