Victor Sheymov’s Blog on Cyber Security and Intelligence
An important and often overlooked aspect is that many computers are infected by malware well before this malware is triggered. It means that many of our critical infrastructure computers already contain “cyber bombs” that are waiting to be triggered at the time chosen by the attacker to maximize the damage. This malware is extremely difficult to detect, and on a large scale such detection is a practical impossibility. Furthermore, disconnecting computers from the Internet in most cases would be ineffective, since malware can easily reconnect the computer to the Internet if a proper hardware and a wireless access are present, and they usually are. So we are sitting on multiple bombs embedded in our critical infrastructure at the mercy of multiple unknown attackers.
Thus we are facing a grim reality that we do not fully comprehend, and not much has been done about it so far. Our vulnerability has not improved over the years; indeed, it has deteriorated. The technology of cyber attacks has advanced more than technology of computer security. Let us review how we got into this situation and, more importantly, how to get out of it.