Another Notch In 'Cyber Threat' Rhetoric's Belt: Former UK Head Of Cyber Security Brings 'AIDS Epidemic' Into The Mix
from the the-true-risk-of-'unprotected'-surfing dept
Well, we've seen the always-impending cyberdoom compared to all sorts of horrendous events by legislators and security agencies. The perpetually-just-over-the-horizon cyberattacks have been given catchy names like “cyber-Pearl Harbor” and “cyber-9/11” in an attempt to scare up some support for terrible legislation and expansions of power.
The UK's former head of cyber security has taken a slightly different tack, avoiding the terrorist imagery in favor of something even more dubious.
Major General Jonathan Shaw, a former head of cyber security at the Ministry of Defence, said people must be told to improve their computer security because the UK is “extremely vulnerable” to attack by criminals and terrorists.
He said there is a “special responsibility” on all citizens to improve their “cyber hygiene” as private computers are the easiest to attack.
Speaking on BBC Radio Four's Today programme, Major General Shaw said the Government must “launch a cyber hygiene campaign like they did with the AIDS epidemic in the 1980s”.
He said individuals are “on the front line” and must be warned their computers are at risk, as the Government is “not in charge of cyber space”.
He's got that last part right. The government isn't in charge of cyber space, no matter how much it wishes to be. But owners of “private computers” have had “cyber hygiene” information available for years. If the UK government wishes to start a campaign to inform the public of the dangers prevalent on the web, I have no problem with that. The campaign will be mostly redundant and will have little impact on the number of infected private computers, but that's the way these things go. Actively keeping a computer free of malware, spyware and viruses takes a little effort and knowledge (and sometimes, a little money), but for many people, that “little” extra is too much.
Furthermore, it's tough to see how private individuals are “on the front line” of this so-called “cyber war.” If there are key areas of infrastructure (say, the ever-popular power grid) that seem vulnerable to attacks by criminals and terrorists, how does erecting a firewall on a home computer prevent that? If these agencies feel they are threatened by cyberattacks, they need to do more policing on their end and make sure that critical systems are inaccessible from “personal” computers — like preventing “cross-contamination” by keeping possibly infected “personal” media (thumbdrives, etc.) from connecting with critical systems or issuing “locked-down” computers for telecommuters. There are many more effective actions that could be taken by the “threatened” entities, but trying to keep the public's private computers from being conscripted into the latest botnet isn't one of them.
Lastly, conflating malicious activities with a communicable disease, even indirectly, is hardly a good idea, especially when the disease chosen is one with a loaded political and sociological background. It trivializes the impact of AIDS and generally makes the public feel the severity of the threat is overstated. Even if the aim is admirable (get more computer users to protect themselves from attacks), Shaw's unfortunate wording undermines his message.
Filed Under: cybersecurity, cyberthreats, exaggeration, jonathan shaw, uk
Comments on “Another Notch In 'Cyber Threat' Rhetoric's Belt: Former UK Head Of Cyber Security Brings 'AIDS Epidemic' Into The Mix”
Infection
Personally, I’m more concerned about catching something from government computers and websites than about any of the others.
Totally can get AIDS from Cyber stuff
True Story: I knew this guy that caught ebola from clicking a link in his e-mail.
Re: Totally can get AIDS from Cyber stuff
I’m pretty sure AIDS doesn’t have that much to do with hygiene, so at least his analogy would be just as ineffective as what he is proposing.
Re: Totally can get AIDS from Cyber stuff
Are you sure it wasn’t the West Nile/D2 worm?
look who is talking
how many laptops, memory sticks and pc’s are lost by UK defense personnel every year again? clean up own your own act first.
Re: look who is talking
Indeed. And some of those have information that is genuinely damaging, such as the names and locations of all MI operatives in Palestine, Syria and Egypt, as well as those in Pakistan and Russia.
Appliances
Unfortunately computers have been promoted and bought as just another ‘appliance’.
With a washing machine you just turn it on and it cleans the clothes. With a TV set you turn it on and watch the broadcast. With a computer (PC, laptop, tablet) you just turn it on and get your email or surf the web.
Just as the average person doesn’t perform a weekly service of their washing machine or TV set, neither do they see the need to do anything about their computer (until it is so riddled with malware that it just stops working).
there will be a change
if the govt hypes cyber threats then companies will take advantage of that to offer or sell more AV services.
there will be a shorter path for people to get “properly” protected because there will be links on amazon, as you shop for golf clubs, to also purchase kaspersky.
many purchased these two things together!
– Titanium Driver,
– Kaspersky Internet Security
and it will, in the end, increase the number of people taking at least some minimum effort to protect their PCs.
even though “a little bit extra” is too much right now, it won’t be once they are scared by the govt into “realizing the dangers”.
Wait a second. I knew I could get AIDS or other STIs from being too promiscuous face-to-face… but now they’re telling me I can get them from cyber?
It’s quite easy to see if (like Shaw) you envision a “cyber war” that puts government on one side and private individuals on the other.
Or the same side...
If you consider the Government the back line in Chess and the Public the front line of pawns….
Everyone knows pawns are expendable, until one of them makes it to the other side and becomes the queen (aka gets into Politics and becomes either a politician or lobbiest).
Okay, this is so true it’s just sad…
cyber front line
it’s tough to see how private individuals are “on the front line” of this so-called “cyber war.”
Well if the home user pc is infected it could become a zombie and be used in anetwork to brute force or ddos websites or other computers or even to decrypt sensitive info gained from another attack.
James
The people most unwilling to take the time, effort, and money to properly learn about and secure their computers are also largely the same group of people who are too unwilling to take the time to become informed about their politicians and hold them accountable for their actions and keep electing the same tired, inept, and incompetent people into office term after term after term. The last thing these politicians want is for there constituency to become properly informed about just about anything, so basically this campaign is going to be all style and flash and very little substance, like most of the dog and pony shows they put on.
Re: Re:
I will call this out…you have no proof of any of this, I have met brain surgeons who needed help with malware, just because somone doesnt take the time to learn there computer doesnt mean they are ignorant…they just may not have time and are willing to pay others to do it for them, i look at it as job security.
I am sorry but your are the kettle calling everyone black.
Re: Re: Re:
Re: Re:
If you want some quiet you can either sound proof the entire house or buy cheap ear plugs.
If you want secure data you secure the data not the channel it travels in.
If you want better politics you change the politics rules not the players.
The problem with politics is that the system is broken is not the people that go in it, because they don’t matter, the outcome of that system will always be the same, so change the system.
If you don’t want people speeding don’t build straight roads.
The outcome of any system is responsibility of the system builder, not the users.
herpes would make a better analogy
While I do think that using HIV is not in the best taste, I do think the analogy with STDs is a good one. Your shitty password on Facebook makes it more likely that scammers will gain access to more of my private information. That puts me in more danger and, in turn, makes it more likely that I will be scammed.
Then again, the analogy only makes sense if everyone is having sex with everyone else.
So now we can get AIDs from a computer? I guess it is time to have a sit down with it and talk and tell about where it’s been and how unfaithful it is.
Who knew you were at risk from your computer?
/scarcasm
they have been calling them VIRUS'S for years
Masnick have you just found this out ??
Yes, the home computer is the front line and is by far the most common target for computer virus’s and hacking.
There is nothing wrong with trying to increase public awareness of these problems, and explaining that protecting internet infrastructure does not ensure you home computer connected to that infrastructure is safe.
To state that you are safe is a lie, I keep hearing you say Masnick that you are knowledgeable in things related to technology.
So are you just saying this because it came from a “FORMER” head of a security agency ??
Do you believe it is not true ?? do you think he was lying ?
DO you know what a computer virus is ? Do you know the term computer virus has been in common use for many, many years ?
Why are you acting so ignorant ?
HIV is NOT a STD (that is one way to contract it)..
Please Masnick and ilk, try to learn something.. you have so little credibility now, and now you are displaying how stupid you can be to get some page hits.. It’s sad that money has clouded your ethics so much..
But don’t worry, no one has any expectations that you will change, we know you cannot do that you simply do not have the depth of knowledge or skills or will to change your ways.
(plus, you think your on a good thing making money by Googling stupid search terms, and trying to downplay issues that are important to people.
Techdirt,, techshit..
Re: they have been calling them VIRUS'S for years
WooooooWooooooo get on the outta your crazy fuckin mind train featuring the conductor Anonymous Coward, Jan 16th, 2013 @ 5:52pm.
Wow I have seen some crazy crazy shit comments on the internet, but this one takes the cake.
This guy is batshit crazier than Average_Joe, boB, and out_of_the_blue COMBINED.
WooooHoooo flagringhdkew gkkrklllj!!!!! Yeah insane like that.
Re: they have been calling them VIRUS'S for years
If something is (even primarily) sexually transmitted, it is an STD. AIDS (or HIV even) is an STD. Yes you can get it from other sources, but by far and away the major source of infections world-wide is through unprotected sex. And if this is one of your biggest ‘quibbles’ with Mike’s point, you haven’t got much of an argument!
Seriously, did you even read the post before embarking on this wall of stupid?
What a waste of hot air.
Major General Idiot,
Maybe you were unaware of the simple fact that HIV/AIDS is actually still something threatening the global population.
Maybe you were unaware that the education of people about HIV/AIDS was done by regular people, not governments who were more worried about offending some religious groups than the body count piling up around them.
Maybe you were unaware that education was the best preventative measure, but telling people to wear condoms offended that same religious demographic.
Maybe your that delusional that your making an asinine comparison trying to scare people into allowing you more powers and over reach when it is perfectly clear your not to be trusted with what you have now.
Millions of people have died from HIV/AIDS.
Your cyberarmageddon BS has no body count.
Your words are offensive, and your ideas are stupid.
You really need to educate yourself and stop spewing propaganda so you can award cushy contracts to well connected friends.
I am appalled that your the head of anything you ignorant twat.
Re: What a waste of hot air.
TAC,
Maybe you were unaware that the education of people about HIV/AIDS was done by regular people, not governments who were more worried about offending some religious groups than the body count piling up around them.
Maybe you were unaware that education was the best preventative measure, but telling people to wear condoms offended that same religious demographic.
This would be correct if the General(retired) was a US citizen and talking about the USA, though he’s not and he’s talking about the UK actions in giving AIDS education via media campaign where all the above were actually done. Sex education is actually a major thing at all schools in the UK (same as here in Australia), condoms are given away free, Medical initiatives and testing is FREE, people don’t have the political/social/religious stupidity that resides within the USA on ‘moral fortitude’ grounds.
Read my comment below if you will, but this guy other than the silly ‘terrorism’ remark is actually going against what the current fear mongers in the UK govt are saying and stating that education as was given and hugely accepted in the UK’s AIDS campaign (like the same that was done for the Mad Cow disease scare) had no religious or other stupidity group complaining to the extent they were able to even change what was being said, let alone stop it.
It’s a totally different culture in the UK compared to the USA when you look at things like sex education, medical access, religious fervour, and the ability for religious/minority groups to control what the masses should see in govt authorised education campaigns.
Re: What a waste of hot air.
I’m not sure anyone understands the quoted text of the argument, and as much as it pains me to admit it, it sounded like the man writing the article didn’t understand it either. They’re talking about starting a public information campaign, and compared it to…the public information campaign they did for AIDS. They aren’t comparing my computers malware infection to AIDS. This article and comment thread has way too much “I’m offended for the sake of being offended” going on.
Why are personal computers the ‘front line’? Because personal computers are constantly picking up malware infections leading to a great deal of issues like identity theft. Make no mistake, malware and other cyber-crimes represents significant economic losses.
Just because your standard PC is ON the frontline doesn’t mean it’s the entirity of the front line either. It’s the freaking internet. EVERYTHING is the front line when it comes to computer security.
I for one fully support any government attempting to start a public information campaign about computer security, and hope that they do it right.
Look you stupid sheeple
if we real hackers wanted to destroy the net by now we’d have ended it a long long time ago…
fact is we have fun with it ….so quit the dumbass fear mongering…people are smarter then you think and slowly they are wising up to the old fogey bullshit thats crept into every facet of there lives and are sick and fucking tired of it.
I’m of tow minds about this statement. On the first hand I think the statement that the UK (or anywhere) is “extremely vulnerable to attack by criminals and terrorists” is just pandering to the ‘terrorist fearmongering’. Though in context (see below) the criminal part is quite relevant and correct.
On the other hand the context he was speaking about AIDS is in regards to the very well done educational campaign that the UK and other countries at the time did in response to the crisis that was AIDS , which showed that there were ways to prevent it, people had to step up and actually do something, and educated everyone on the risks by presenting real facts. [I’m not talking about the USA AIDS campaign which was basically watered down crud pandering to the morality crowd]
Educational campaigns that show that people need to reasonably secure (emphasis on reasonably) their own computers and teaching them how to reasonably protect against malware/virus/trojan, how to distinguish phishing attacks and other social engineering tricks used by unsavoury characters, how to practice good password control, and why they need to take personal responsibility for their own protection themselves and not just rely on the govt. is ALWAYS a good thing!
In fact the statement “He said individuals are ‘on the front line’ and must be warned their computers are at risk, as the Government is “not in charge of cyber space”. Is absolutely accurate.
This shows he understands that the Govt is not the be all and end all, people need to step up themselves and do something if they feel the need or shut the hell up about it, and that due to the fact that the average layperson still thinks of the internet as some sort of scary and ‘new’ place that only the young and geeky can navigate an education campaign in the same vein as the AIDS one with correct information and presenting ALL the facts is the best method. I agree.
There was NO conflation with the AIDS epidemic indirectly or otherwise, the only comparison was that any campaign should be as ubiquitous as the AIDS campaign was.
Re: Re:
Very well said. I usually agree with Techdirt, but recently the various bloggers have started to throw anything they can at supporting their beliefs and causes.
This post is a perfect example of just that. It’s a shame because this is exactly the same tactic the trolls commenters of Techdirt use and I would have thought Techdirt was above such tactics.
Re: Re:
My issue with it would be how badly HIV/AIDS education failed elsewhere.
That many people will equate that the Gov not being in charge of cyberspace is how to “fix” the problem by putting them in charge.
He has the same problem I suffered from, not being informed beyond his own backyard about the issue.
A much better example would have been how the world worked together to eradicate “common” diseases with vaccination programs… well until people went stupid. Small pox, polio, etc…
I will take my lumps for my myopic view, and thank you for giving me information I did not have.
any fucking excuse possible along with any amount of bullshit necessary to try to instill into peoples minds that they need the government to be in complete control, not just of the Internet, but of their whole lives, will be used. if people are thick enough to believe it, i feel for them. if, however, a person that once held the position that Major General Jonathan Shaw did, feels the need to lie like this, all it would do/should do is make people much more wary of the ‘behind the scenes’ intentions of that government! Theresa May is a conniving bitch with grandiose beliefs who will go to any lengths, like most politicians, to get what they want regardless of whether it is the best thing or not!
Just a simpler solution?
I actually agree with most of what dear Major General said … up to the point where he insinuates people need more government protection for their poor private computers.
On the other hand – I suppose more government protection IS a lot easier to arrange than more common sense…
Whats the problem here? The quoted text is about as innocent as you get. They aren’t comparing malware to aids, they’re comparing cyber security awareness to the public information campaign during an epidemic. Are you really THAT opposed to any sort of publc information campaign about personal cyber security?
>Furthermore, it’s tough to see how private individuals are “on the front line” of this so-called “cyber war.”
Because private individuals tend to get malware infestations? Just a freaking guess. You’re trying to tie in infrastructure vulnerabilities to private users, but I’m not seeing the link. They’re seprate issues.
Cyber Hygiene? I can beat that...
It won’t belong before us “Individuals” are required by law to pay for Cyber Insurance. How you feel bout that?