Comment Re:Who will get (Score 1) 360
Companies should be free to hire cyber mercenaries to decimate their attackers. Maybe that's what's going on here? Or maybe they're getting a little US Mil support.
I have this sinking suspicion that this could be the common state of affairs for the Internet's forseeable future -- various unknown parties constantly breaking various things on the Internet, with the rest of us never really figuring out who is doing what to whom, or why.
If you want a vision of the future, imagine a global game of Core War, being played on everyone's servers, forever.
Tend to agree, though there could be another possible future. Nations get tired of this nonsense and start instituting border proxies. Maybe traffic is unrestricted between nations that agree to punish those who attack on other signatories, and refrain from government attacks (think US+EU and a few others). Countries that don't crack down on hacking get their traffic proxied, with only whitelisted protocols accepted (maybe strict html without javascript, plus images in specified formats chosen for simplicity and checked for standards-compliance, and email subject to a delay to allow for spam discovery and scanning/etc - perhaps without attachments). It would basically be the death of the internet as we know it, and obviously the usual suspects will be all for it.
When what happened to Sony starts happening to many major corporations there will be a lot of talk about changing how things work. From what I've read Sony's security seemed pretty typical for any large company - a firewall against incoming connections, and little else once you get inside. Companies aren't going to want to build a complex security infrastructure internally, let alone really strong measures like isolated networks - it costs a lot and is a lot less useful unless you punch a million holes in it (which diminishes the security). With regulations like Sarbanes-Oxley companies want to be able to account for every hour charged to every project and every mile expensed and every bolt ordered against the bottom line each quarter. Gone are the days when everybody just managed their department on a spreadsheet and cascaded the numbers up the levels. Then you have all the tax nonsense - governments don't like it when the value you declare to customs doesn't match the value you get when you finish doing all your double-irish whiskey with a shot of bermuda rum shell games, and good luck having that happen without about 14 layers of integration. Keep in mind the guys running all this IT stuff are in China next to the guys doing all the hacking on behalf of North Korea in the first place.