Stop Expecting Mark Zuckerberg To Be Homeland Security
By: John Shepler
I spent hours watching Mark Zuckerberg take a flogging from 44 United States senators over the shocking revelation that Facebook has been gamed by advertisers and at least one foreign government. Rather than pick up a dagger and join the belated Ides of March proceedings, I think maybe it is appropriate to call “time out” and do a little deeper thinking on this subject.
What is it we really want here? Is it the smug satisfaction of compelling the Silicon Valley wunderkind to make a good act of contrition? You might easily think so after watching the political posturing and some of the inane questioning from the tribunal. At least one senator had the gall to try and pressure Zuckerberg into promising that no Russian agent would ever, ever be able to make any mischief on Facebook again.
Are you kidding? Fortunately, Mark had the cool demeanor and presence of mind to simply say no. No, Senator, I can’t absolutely positively guarantee that no-one will ever fool the American people on the Internet again. What he didn’t say and needs to be said is:
1. How can you not know that is most ridiculous request you could possibly make?
2. When is the U.S. Government going to get serious about protecting all of us online?
Don’t get me wrong here. I’m not saying that Facebook and its ilk don’t need to be held to a higher standard of privacy protection for their users. Even so, we’ve all been too lax about laying our entire lives bare and believing that only our “friends” can read this stuff. Information you might share in hushed tones at the local diner are posted in cyberspace with hardly a second thought. If there is a second thought, it is to add some more detail to embellish what’s already up there.
Let’s face it. Online, we are a bunch of overeager kids jumping up and down, anxious to speak next. Nobody is editing what comes out of their keyboard in real time. It’s a stream of consciousness chock full of juicy tidbits that, assembled into a profile, could be the key to breaking into our bank accounts or simply convincing us to vote for one candidate because, haven’t you heard, the other one is involved in devil worship or worse.
Do we need a pseudo-parent to protect us from ourselves? Maybe even some form of “nanny government”? Could be. There are 44 senators thinking that exact thought right now. If they can suspend the internecine bloodletting just long enough, they’ll probably enact something like the European Union’s GDPR or General Data Protection Regulation that imposes rules on what data you can collect, how you can handle it, and what it can be used for.
I usually wince at regulation. That means more rules to follow, more bureaucrats assigned to check and make sure you are following them, and more cost all the way around. However, it’s high time that these issues get addressed and the dangers get mitigated before something really bad happens.
It’s not the fact that you confess to being a chocoholic or have five more cats that any reasonable person would keep that is going to get you in trouble. Worst case, you just see ads for German chocolate bars or kitty litter every where you look. Kinda creepy the way the thing you just searched for keeps popping up in ads on every web page from then on, isn’t it? Even so, being led by the nose by advertisers relentless on moving your money to their pocket isn’t the greatest threat by a long shot.
What is? You got a taste of it in the last election. We’re you really gullible enough to believe that Hillary Clinton was running a child slavery ring out of a pizza joint? Sadly, some of us were. Next time it will be even more intense and lot more subtle. Every friendly tweet, Facebook meme and “news story” will be carefully crafted to get you to hate this group or that legislation so much you actually get off the couch and drive to the polls just to show ’em. It will be months later before you realize you’ve been played to someone else’s benefit and your loss.
That’s not the worst of it. How much is cybercrime costing us? I did a quick search to find out. Assuming Google hasn’t already been gamed, the results come back at an average of $11.7 million per business annually or somewhere between $2 trillion and $6 trillion per year. Oh, and you thought everybody was so on to that Nigerian prince scheme that nobody was being fooled anymore.
Well, they are. I hope you don’t trust any offers that come in email, because you can’t. Even if it looks like it’s from your bank, it might not be. Click on the wrong link and you might be tricked into giving your login credentials to some punk overseas who is just waiting to suck your account dry. Click on a more destructive link and all of your files will be encrypted until you cough up a Bitcoin at about $7,000 as of this writing.
You don’t even know how much your bank or your hospital is being defrauded because they are keeping it hush-hush so they won’t panic their customers. If one of the tellers was skimming Benjamins, the Feds would have them in cuffs in short order. A couple of trillion over the Internet? Oh, well.
This is my point. We’ve got to stop thinking of this “Internet thing” as just some place where people post cute animal pictures and derogatory remarks about the politicians they didn’t vote for. The cold truth is that our entire economy and social structure are electronically interwoven and there’s no going back. You have less chance of getting mugged with a gun than you do getting mugged with an app. The people who have the greatest influence on your opinions could be pretenders with an agenda of their own or even bots programmed to swarm the social groups and pages spreading false but believable propaganda.
Now, should we all spill out into the streets and march until Mr. Zuckerberg secures his platform and guarantees that none of us will ever be cheated or fooled again? He can’t. To his credit, he admits it. So who can?
Each of us, on our own computers and running our own security systems in our own companies, can’t either. The threat has grown too big. We need more of a comprehensive solution and that starts at the top. By the top, I mean the government.
I know. I groan myself. But the fact is that we need to secure our electronic borders before we put a nickel in some towering concrete slabs to keep out people who just want to do our dirty work. I say it starts with the Department of Homeland Security. Every fiber strand coming into this country needs a firewall. Filter out the viruses & worms before they get through customs. There should be no such thing as malware on any wire, anywhere.
A certain amount of the bad stuff is home grown. For that, we’ll need the Internet Service Providers to provide the same protection. Some of them already do, but the security level needs to be stepped up a notch and then another notch until the problem disappears. If we can wipe out polio as a nation, we ought to be able to wipe out ransomware.
Not to pile on, but it horrifies me that foreign agents can break into our power plants and electrical grid at will. How about the water works? How about natural gas distribution? How about the sewage processing plants? If we were victims of a real cyber attack, we’d be freezing in the dark, dehydrated and up to our boots in… well you’ve got the picture.
It’s time to face the music as a country that just watching for nuke attacks over the poles and jihadists sneaking into the airports is the start of what we need, not the end-all. Yes, war and terrorism are disasters worth avoiding. Preventing them consumes huge amounts of resources and is well worth the vigilance. Cyber terrorism is just taking baby steps, but needs the same level of vigilance. If we don’t build robust defenses now, we’ll wind up broke and conquered or perhaps dead as well.
This is such a major threat that planning and leadership need to come from the top, not the bottom. Remember, $6 trillion losses and a thrown election. Surely, we don’t need to spend anywhere near $6 trillion a year to get a grip on this. Billions? Yeah, probably. But it will pay for itself and we’ll all be able to sleep a lot easier.
