ments are the perceived monetary costs, the difficulties or even the impossibility of implementation, and the fear of reduced innovation and technological progress. Schneider, in a recent Communications Viewpoint, also notes the need for a detailed cost/benefit analysis to ascertain what society is willing to pay for improved security, where the costs also include reduced convenience (due to the need for authentication) and functionality (due to isolation).⁴ And indeed all regulations are, by definition, limiting. But do we really need to wait for a large-scale security catastrophe, possibly including significant loss of life, before we act at all? As the Microsoft example shows, extensive technological solutions and best practices actually already exist. It is just a matter of making their use pervasive.

So why are software security faults tolerated? A possible explanation is that software deficiencies have so far been less tangible than those of traditional industries. Many people install multiple locks on their doors and would consider holding intruders to their homes at gunpoint, but fail to take sufficient safeguards to protect their home computers from hackers. The problems resulting from identity theft are much more common but also much more bureaucratic, boring, and less visual compared to more dramatic problems such as exploding gas tanks in pickup trucks. But above all else, it seems there is a market failure in incentivizing the industry to take the required actions.¹,⁶ Buyers will not pay a premium for value (security) they cannot measure, and which in many cases does not affect them personally and directly. Approaches suggested by economists to measure the value of protection do not help because the cost of a security catastrophe is up to anyone’s imagination. This has prevented an insurance industry for software producers from emerging, and as Anderson and Moore write, “if this were the law, it is unlikely that Microsoft would be able to buy insurance.”¹ In practice, the reduction in stock value after disclosing a vulnerability is less than 1%.⁵ The abstract danger of large-scale attacks leading to financial loss and even loss of human life is not enough to change this.

At the same time, we are inundated by increasing numbers of reports of data breaches and hackers infiltrating various systems (see Table 2 for prominent recent examples). Some of these incidents demonstrate that extensive physical civil infrastructures are at peril across the globe—including hospitals, power plants, water works, transportation systems, and even nuclear facilities. And the root cause at least in some cases is the failure of the software to take appropriate precautions. The software systems in a modern car—not to mention a passenger plane or a jet fighter—are of a scope and complexity that rivals any operating system or database produced by the traditional software industry. Indeed, every industry
Table 2. Notable security incidents from 2007–2017.

| Year | Incident | Significance |
|------|----------|--------------|
| 2007 | Massive DDoS attacks on organizations and infrastructure in Estonia | First demonstration of extensive countrywide disruptions, possibly in connection to international relations |
| 2010 | The Stuxnet cyber-weapon is used to disable physical centrifuges used in Iran’s nuclear program | Demonstration of potential impact on computer-controlled physical infrastructure, and demonstration of cyber-weapons that jump air-gaps and remain undetected for long periods |
| 2013 | Yahoo is hacked and data about all three billion user accounts is stolen | Biggest data breach of its kind |
| 2016 | Hackers break into DNC computers and disseminate confidential documents | Strategic hacking with possible effect on the outcome of the U.S. presidential election |
| 2016 | DDoS attacks using a botnet of some 1.5 million IoT devices (ironically, mainly security cameras) | Demonstration of new vulnerabilities resulting from technological progress and insufficient consideration of security |
| 2017 | The WannaCry ransomware infects more than 200,000 computers in 150 countries, causing disruptions such as the closing down of 16 hospitals in the U.K. | Demonstration of global-scale cyber crime and putting human lives at risk |