Use your computer fearlessly.

Mission Services Articles Research

everyone: older news

business: Intractable Cybersecurity, Quantum Communications

Superstition in Cybersecurity

by Brent Kirkpatrick

(Date Published: .)

Fear of being hacked has nurtured several non-scientific superstitions.

Superstition in cybersecurity catches us by surprise, because we think of technology people as grounded in science. The confluence of business needs, a dearth of digital literacy, and the difficulties of detecting hacking have lead to superstitions in cybersecurity. These superstitions include the following ideas:

  • advanced persistent threats,
  • attributable digital evidence, and
  • impenetrable security.

The idea of an advanced persistent threat is a superstition that appears to originated from the military. The non-scientific idea at the core of this superstition is that there can be a technology threat that persists, rather than a person that persists. Indeed, if there is a persistent threat, that threat would be a person or a group of people. On the technology side of things, there are only vulnerabilities that are patched or unpatched. While a hacker might gain access and try to hide a backdoor, this threat is created by the actions of a person, rather than a technology.

Fear is the main source of superstition. Bertrand Russell

Another non-scientific idea is that digital evidence can be attributed to the person who hacked, in the absence of other types of evidence. The idea at the core of this superstition is that hackers leave their fingerprints on the code they write. This is typically not the case. Imagine for a moment that we un-earthed a manuscript written in the 1800's without knowing the authorship. It would be a very challenging task to determine the author from the text alone. Instead, we would need other clues as to the origin of the manuscript: when it was discovered, where was it discovered, how it was written or printed, etc. It is the same with computer code, including code used to hack.

Another non-scientific idea, that of impenetrable security, is that there exist computers on the Internet that have not been hacked. Many recent news reports and demonstrations by penetration testers have helped combat this superstition. However, the most convincing evidence is the prevalence of computer worms that conquer large portions of the Internet. One such example is Panther Shadow, a worm that infected Linux devices earlier this year.

Please contact us at Intrepid Net Computing if you need scientific solutions to cyberattacks.

Trojan Hunter image

Trojan Hunter (TM). Digital forensics for Trojans at an accessible, fixed price. For any operating system.

Business Articles

Impossible Problems in Computer Security

Computer Security is Algorithmically Intractable

New Technologies for a New Cybersecurity Marketplace

Panther Shadow: A Linux Worm

INC Logo

What Is New? | Contact | Tips

© 2015-2021 Intrepid Net Computing. All rights reserved.