Consider this a FUD alert.
I'm going to take a moment and respectfully disagree with a gentleman we quote in our story from this morning, "U.S. bank cyberattacks reflect 'frightening' new era."
The article leads off with this ominous declaration:
"Cyberattacks on U.S. banks over the last several months reflect a frightening new era in cyberwarfare that corporations are unprepared to battle because of a shortage of experts skilled in building effective defenses."
The main source of the story is Darren Hayes, a computer forensics expert and chairman of Pace University's Computer Information Systems Program. He says in the article:
"We've entered a new era and it's pretty frightening in many ways. What's a little bit scary is the fact that we don't have as many skilled professionals who are network forensics analysts or network security people as we should have."
He's a smart, articulate man we've quoted before. I even agree with the basic premise that the banking sector is in over its head when it comes to the number and sophistication of bad guys targeting its data.
But frightening? Scary? The choice of words isn't helpful.
To me, a threat is frightening when it comes out of nowhere, catching the world asleep and causing massive damage that slices a large segment of the population to the core. 9-11 comes to mind. So does the massacre of children at Sandy Hook Elementary School in Newtown, CT., last month. But the grim scenario Hayes speaks of is far more muted than that.
The hacking threat banks face is not new. Banks have been getting hammered for quite some time now. Some banks have mounted a decent defense, while others have been caught woefully unprepared. The attackers have had a multitude of motivations. Nothing new here.
Frightening and scary? Nah. Frustrating to the infosec practitioners who have to keep their companies from being the next sad statistic? Surely.
There's no question the banking sector confronts big problems. There's also no question -- as the article stated -- that the Iranians are highly motivated to sow turmoil in the American financial sector.
We can feel frightened. But sooner or later we have to move beyond the emotions and find better ways to fight back.