{"id":10,"date":"2010-01-06T07:13:53","date_gmt":"2010-01-06T12:13:53","guid":{"rendered":"http:\/\/blogs.law.harvard.edu\/difficultprobs\/?p=10"},"modified":"2011-01-04T17:14:39","modified_gmt":"2011-01-04T22:14:39","slug":"is-cybersecurity-a-problem-to-what-extent","status":"publish","type":"post","link":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/2010\/01\/06\/is-cybersecurity-a-problem-to-what-extent\/","title":{"rendered":"Is Cybersecurity a Problem? To What Extent?"},"content":{"rendered":"<p>Cybersecurity is an international issue spanning monetary, governmental and personal concerns. Professors Jack Goldsmith and Jonathan Zittrain led a conversation about the careful balances and difficult solutions involved.<\/p>\n<p>Networks like the Internet are pervasive, yet vulnerable. Cyber attacks can be broken down into two categories, attacks and exploitations. Cyber attacks are computer network activities that change, destroy or manipulate data. Cyber exploitation is reading and potentially copying information.<\/p>\n<p>Professor Goldsmith broke down cybersecurity into four threat vectors:<\/p>\n<ul>\n<li> remote attack, or\u00a0 an attack from one computer system to another such as DOS. Narrowly and colloquially speaking a DOS (or denial of service) attack is a surplus of requests to a particular website, making it inaccessible, but more broadly speaking it is any resource that cannot interact on the network.<\/li>\n<\/ul>\n<ul>\n<li> supply chain attack, or something that affects critical infrastructure, such as trojan hardware or software<\/li>\n<\/ul>\n<ul>\n<li> exploitation, or the copying of data, such as industrial or governmental espionage, or the copying of individual personal information such as credit card numbers<\/li>\n<\/ul>\n<ul>\n<li> military\/intelligence problem, for GPS locations and the control of UAVs(unmanned aerial vehicles)<\/li>\n<\/ul>\n<p>Cybersecurity differs from other forms of security due to the type of anonymous attacks possible. From an investigative and enforcement standpoint, anyone can be an aggressor, which in turn facilitates the blur between public and private. In this way it is more difficult to identify or punish or deter aggressors, especially with the potential for delayed attacks hidden in software or hardware. How safe is your computer and what are you willing to do about it, economically, time-wise and in terms of policy support and advocacy? Where do you draw the line between security and human rights\/privacy concerns for individuals? How can a government respond to attacks of unknown origin?<\/p>\n<p>Interventions can be incremental or quantum, the question remains both a policy and economic debate. How can risk be calculated? Can we have the open Internet and solve the cybersecurity problem? What would a solution look like? What kind of losses are you willing to accept?<\/p>\n<p>New innovations in cloud computing, or the ability to store data and computational resources online rather than on a personal computer are also susceptible to cybersecurity debates. On one hand, large storage services have higher security implemented than the average computer user, but information on aggregate becomes a more appealing target for exploitation. How can we design resilient systems that uphold against attacks (though they wont&#8217; be perfect)?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cybersecurity is an international issue spanning monetary, governmental and personal concerns. Professors Jack Goldsmith and Jonathan Zittrain led a conversation about the careful balances and difficult solutions involved. Networks like the Internet are pervasive, yet vulnerable. Cyber attacks can be broken down into two categories, attacks and exploitations. Cyber attacks are computer network activities that [&hellip;]<\/p>\n","protected":false},"author":2181,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[14444],"tags":[],"class_list":["post-10","post","type-post","status-publish","format-standard","hentry","category-cybersecurity"],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/posts\/10","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/users\/2181"}],"replies":[{"embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/comments?post=10"}],"version-history":[{"count":5,"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/posts\/10\/revisions"}],"predecessor-version":[{"id":127,"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/posts\/10\/revisions\/127"}],"wp:attachment":[{"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/media?parent=10"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/categories?post=10"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/archive.blogs.harvard.edu\/difficultprobs\/wp-json\/wp\/v2\/tags?post=10"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}