As CISPA Hits Congress, Cybersecurity Company Hypes The Fear Of Anonymous

from the fearing-fear-itself dept

Through TNW, we learn of a survey published by threat protection company Bit9 that states an attack by Anonymous is the number one thing IT security professionals fear. Doubtless the release of this survey was timed to coincide with CISPA, the dangerous cybersecurity bill that is being debated in the House this week. It's no surprise that a security provider would want to play up the fear of cyber attack, but I'm reminded of a quote from comedian Dara O'Briain: "Zombies are at an all time low level, but the fear of zombies could be incredibly high. It doesn't mean we have to have government policies to deal with the fear of zombies."

Apart from the fact that the fear of something is pretty meaningless (except to those who sell security, and those who want to pass bad laws), the details of the survey make it clear that this is entirely a matter of the hype around Anonymous:

61% believe that their organizations could suffer an attack by Anonymous, or other hacktivist groups.

Despite the utter sense of fear that Anonymous has created over the years, 62% were more worried about the actual method of attack, with malware accounting for the most cause for concern at 48%.

Only 11% of the respondents were concerned about one of Anonymous’ actual methods of attack – DDoS, while fears over SQL injections dipped to a measly 4%. Phishing was a concern for 17% of the respondents.

So, despite the fact that Anonymous apparently has them shaking in their boots, they know that their real vulnerability is malware—and that's not really Anonymous' game. The fear is manufactured.

What this survey calls attention to, though, is a fact that deserves more attention: under CISPA or a similar law, Anonymous would make a juicy target. Security companies and the government could collude and share data not only to strengthen their networks against attack, which would itself be perfectly reasonable, but also to identify and investigate Anonymous members, notwithstanding any other privacy laws. Regardless of how you feel about Anonymous' tactics, this should concern you: privacy rights and the 4th Amendment exist for a reason, and CISPA would wash them away online. The authors of the bill insist that it targets foreign entities, but it is arguably an even stronger weapon against domestic hacktivism that will inevitably be used and abused.

Filed Under: anonymous, cispa, cybercrime, fear, security

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    aldestrawk (profile), 24 Apr 2012 @ 4:36pm

    Bit9 doesn't support CISPA

    If you read the article referenced in this story it is completely understandable that you could come away with the impression it was no coincidence that Bit9 released the survey results while CISPA was being debated and the survey results could be used to support CISPA. I looked further and it seems the survey release may or may not be coincidental but if the timing was intentional Bit9 is only glomming onto any sort of publicity dealing with "cybercrime".
    From Bit9's web-site and about the survey:

    "Despite current plans to implement cyber security legislation, only 7 percent believe that government regulation and law enforcement will best improve security."

    and from:

    "S o how do we protect against these types of attacks while still not infringing on the privacy of the typical user? The legislation is very broad, leaving a lot of wiggle room for the government to acquire information outside of the bill's initial intent. Unlike the USA PATRIOT Act, which allows roving domestic wiretaps, CISPA would grant the government unprecedented access to web company user data and trump already passed (and extended) legislation like the USA PATRIOT Act."

    "By putting companies in control, the bill claims to protect each user’s privacy by not mandating private or public web companies to fork over their user data. This would leave companies like Facebook to choose what to do with the information it knows about you as opposed to the government – a little better, but still disconcerting. Facebook, Microsoft, Oracle, Symantec, Verizon and reportedly Google have come out in support of the legislation – a stark contrast to the public and company protests regarding SOPA and PIPA."

    "But most of these brands do not have a great track record of protecting user privacy to begin with. So the fact that they embrace support for this bill is a far cry from an authoritative endorsement of user privacy protection. The bill may be an "opt-in" legislative measure, but who is to say that both parties (the government and corresponding companies) can't both mutually benefit from the sharing of private information? This may now give companies the ability to barter private information with the government in exchange for corporate influence."

    I would say this shows that Bit9 does not support CISPA. It does show that you often need to look past a single blog's summary of an event or publication, particularly if you are going to make a presumption, about Bit9 and CISPA here, that the blog does not make.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.