I'm glad we've learned from our mistakes, well, relatively speaking. Hacking wasn't that big of a deal back when this book was written. The cause of this was mainly because the internet wasn't around for very long up to that point. It was still very new, and all the wonderful uses of it had yet to be determined. It's a little sad that it took 16 years before the US government enacted the FISMA of 2002, but still, progress is progress, no matter how slowly that progress is made. Now that FISMA is in place, all government agencies are required to have some sort of information security, aka cyber security. The problem still remains though that security is just that, security, and there seems to be few entities, if any (I couldn't find any online), that track down existing hackers. The hacking group known as Anonymous is possibly the largest group that I know of, and they've been around since 2003, one year after FISMA was set in place. They've shown no sign of slowing down, and I don't believe they will as long as there's no one willing to stop them, or at least someone willing to make an attempt to stop them.
The other thing that really saddens me is the fact that the method used for hacking by Hess is still largely used today. People don't put adequate passwords on their systems, and they can be easily guessed by hackers (which in that case I don't even consider them hackers, just regular people who can guess passwords). Government entities have since greatly increased their security, however most other companies have not enforced adequate passwords. Information can still be stolen through these other companies. Many government agencies allow their employees to access their non-government issued emails, and even facebook while their employees are at work, and this allows access into the government machines. Something needs to be done, but the problem is, people aren't willing to change, and that is usually a problem.
I disagree that hacking wasn't that big of a deal when the book was written. Hacking has always been a big deal. The problem was that people didn't take hacking seriously. But this was caused, like you mentioned, because the internet hadn't been around very long. My main point here is that ignorance to a problem doesn't mean the problem doesn't exist.
ReplyDeleteHowever, I do agree that all organizations must ensure a secure password for their users. Common passwords must not be allowed. Further, every password must have at least one number or special character.