I've been meaning to write about the ransomware hack of the Colonial petroleum pipeline on the East Coast. It is unclear why massive infrastructure systems like this are controlled over the eminently hackable Internet. Doing so feels like executive malfeasance to a guy who taught management for 30 years.
I understand it is initially cheaper to use a system everybody is tied into already, until some crafty nerd locks you down and demands millions or billions. Plus firms have to accept that disgruntled present and former employees are a regrettable reality of corporate life.
There have got to be better ways to provide security for complex, interconnected systems - for example checks and balances, retinal scans, dedicated lines, an "intranet," two person interlocks, single use code pads, this stuff isn't exactly rocket science. Spend a few million up front and deal with the tedium and hassle of being careful.
Pipelines aren't the only targets, how about the electrical grid? The air traffic control system? Rail line controls? City traffic light systems? Wastewater management systems? Refineries? Big city fresh water systems? My list isn't exhaustive.
What if somebody figures out how to lock up the Internet itself, hold it hostage? I have no idea if it is designed so sabotage isn't possible, it certainly needs to be.
Anything operating in interstate commerce can experience Federal oversight. President Biden should sic the Department of Homeland Security on this threat; it is a genuinely useful thing he could do.
As system security isn't obviously related to either climate change or racism - their apparent obsessions - I doubt the Biden claque will find it of much interest.
