Internet Society Attacks State of Global Online Security
Ashley Allen / 8 years ago
International non-profit the Internet Society (ISOC) has taken a long look at global online security, and it does not like what it sees. In a new report, prompted by a plethora of online attacks in 2016, the organisation surveyed 24,000 respondents across 54 countries and discovered that up to 93% of online security breaches are preventable.
“According to the Online Trust Alliance, 93 per cent of breaches are preventable” ISOC’s Michael Kende says, though adding that “steps to mitigate the cost of breaches that do occur are not taken – attackers cannot steal data that is not stored, and cannot use data that is encrypted.”
Sadly, given the choice between spending money on security and leaving user data vulnerable to attackers – which has no immediate tangible cost, with users taking the hit – businesses tend to default to the latter.
Given the decentralised nature of the internet, Kende argues that no one party should take responsibility for fixing online security, arguing that businesses and organisations “share a collective responsibility with other stakeholders to secure the data ecosystem as a whole. This includes vendors, employees, governments, and others. Should one of these links not function, the entire trust chain could be broken.”
“Protecting users should be a goal in its own right”, adds Kende, and should be a “business necessity.”
The ISOC also makes special mention of unsecured Internet of Things (IoT) devices, blamed for the recent Mirai botnet DDoS attack that recently took down DNS service Dyn. The report calls open IoT devices a security “black hole” that needs to be closed.
“This lack of liability could lead to significant externalities imposed by a broader range of devices including health devices, baby monitors, and a wide variety of sensors,” the report reads. “Likewise, someone shopping for a baby monitor, WiFi router, or connected car, has no way to learn how well it has been protected from attackers.”