Compliance Management, Network Security, Government Regulations, Network Security

The danger of threat hyperbole

Last week I stumbled across a story on CNN Money, titled "Major banks hit with biggest cyber attacks in history."

After reading the headline, I decided it was probably best to forgo reading the rest of the article -- and instead just duck for cover. A few days later, when I deemed it safe enough to emerge from my hideout and return online, I assumed that the worst-case scenario we had been told to fear -- a cyber Pearl Harbor (or is it cyber 9/11?...I always forget) -- finally played out.

Our economic system had collapsed. Money was worthless. The end was near.

What's that, you say?

Oh. It was just a DDoS attack. Never mind. I feel stupid.

W-w-wait a minute! How can a flood of bogus traffic that knocks a few, albeit major, banking websites offline for several hours be considered the "biggest cyber attack" in history?  No networks or servers were breached, no sensitive or valuable data was stolen, no lives were put in danger.

It wasn't just CNN that slammed down hard on the hype gas pedal. Last week's attacks drew similar stories across many supposedly reputable media outlets. One unnamed U.S. official called the DDoS attacks among the "worst-case scenarios envisioned by the National Security Agency." (This official does know the difference between a DDoS and a hack, right?)

So, big deal, the media went bonkers on a story. Happens all the time, right?

The math book your child brings home from school might suffocate her while she sleeps. Story at 11.

Well, it's poor timing right now because we're at a pivotal point in the cyber world. After a year that saw repeated attempts at internet security legislation, President Obama now is reportedly prepping a 19-page executive order that would be similar to the White House-backed Cybersecurity Act of 2012, which was struck down in August.

As such, news accounts that purport to chronicle the largest cyber attacks in history could provide the ammo for our leaders to make misguided decisions -- things that erode our digital freedoms. It also doesn't help matters when the chairman of the Senate Committee on Homeland Security and Government Affairs, warmonger extraordinaire Sen. Joe Lieberman, claims -- without showing any proof -- that last week's attacks were orchestrated by the Iran government. And the media eats it up!

But even beyond that, let's remember two things about Lieberman: He a) wants cyber security legislation passed (he co-sponsored the Cybersecurity Act) so it makes sense he'd play the Iran card on this one and b) he has been itching for a fight with Iran since at least 2009.

The media shouldn't lend Lieberman the free space to plug his cyber-demagoguery without at least mentioning his views on the country.

So let's get our act together, everyone. Hey, there's still time: the DHS-sponsored National Cyber Security Awareness Month just started!

But then again, if the Homeland Security secretary doesn't even use email, what hope is there for us anyway?

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.