I spent most of the day yesterday reloading Windows on my Granddaughter’s computer after she contracted a nasty virus from Facebook, essentially making the system useless. The computer’s only virus protection was Microsoft Security Essentials. The truth is I had failed to install a more robust anti-virus protection system because I have not yet found a single one that completely protects.

I have experienced data breaches with McAfee, Norton’s, AVG,  and Avast. (I’m currently using ESET’s NOD 32, which is doing pretty well). I don’t for a moment believe that anything I do on the Internet is completely safe or private. Data breaches have become a way of life, it seems, especially for anyone looking in the darker corners of the Internet (e.g., software and video piracy).

The Ponemon Institute released a report in June 2011 that claims “59% of respondents say that their organization’s network security has been successfully breached at least twice over the past 12 months.” From Sony to the Pentagon, we seem hard pressed to keep the villains out of our systems, a trend that I expect to continue and worsen in the years to come.  In fact, Ponemon’s report indicates that “53% of respondents have little confidence that their organization will not experience one or more cyber-attacks sometime over the next twelve months.”

Last fall, the Conficker worm, also known as Downadup, spread through the Internet infecting as many as nine million systems. These infected computers can now be used in a massive botnet attack to do anything from sending Spam to attacking our infrastructure. Worse, even though Microsoft quickly released a patch that sealed this vulnerability in the Windows operating system, security researchers at Qualsys report that an estimated “30 percent” (about 2.7  million)  “of Windows-based computers attached to the Internet remain vulnerable to infection as they have not been updated with this patch.”

In 2007, Israel was reported to have bombed a suspected nuclear site located in the desert of Iran near the Euphrates River, about 80 miles from the Iraq border. According to reports, there was no response from Iranian anti-air defenses and the first indication that there was an attack at all was when the bombs fell from the sky. Analysts suggest that the United States and Israel has successfully hacked Iran’s defense system, and essentially, “turned them off”, allowing their bombers to fly over Iran’s air space with impunity. 

Further, Iran’s nuclear program has been set back years by viral attacks. One infection caused thousands of their centrifuges to spin out of control, essentially causing them to self-destruct. These particular viruses used the centrifuges own operating system to do this, implying that the virus designer’s had full knowledge of the manufacturer’s code. Similar reports of Iran’s being hacked, and them hacking others, abound.

According to supplychaindigital.com, cyber supply chains are vulnerable to attacks in US critical infrastructure, meaning essentially, that a foreign government could successfully attack our power grid and “turn it off” or cause it to self-destruct. Our nuclear plants control systems can be hacked and the reactors be made to overheat, resulting in a melt-down. Our communication systems, cell phone networks, Internet back bone, are all possible targets of a foreign power wanting to harm our country.

 Last month the Wall Street Journal, based on a Pentagon briefing, reported that Iraq and Afghanistan “Insurgents Hack(ed) U.S. Drones”, essentially downloading and watching the surveillance video of the unmanned drones. Theworldreporter.com reports this was made possible by use of “Russian software that costs a mere $26.”

Just last week, the International Business Times reported that a North Korean defector, Kim Heung-kwang, has warned about “North Korea’s concentrated efforts to bolster its cyber-warfare capabilities.” Kim said “that North Korea has procured more than 3,000 hackers serving in the North and abroad in China, Russia, and elsewhere.” These hackers are being trained extensively in the latest hacking techniques and then placed in various warfare units to serve as “cyberwarriors.”  

Last year a study by the International Commission on Nuclear Non-Proliferation and Disarmament (ICNND) found that terrorists could potentially hack nuclear missile silos. (Reported by the International Business Times).

Since 1990, China has reportedly pursued an active cyber-spying campaign, with unconfirmed reports of the Chinese Government recruiting, training, and supporting thousands of hackers. The well documented case of GhostNet in 2009 proved that servers based in China had accessed 1,300 computers in over 100 countries, including government institutions, international organizations, and the media, not to mention the computers of the Dali-lama. Recent headlines have reported that Chinese hackers targeted the House of Commons, US Oil Companies, Lockheed, the International Monetary Fund (IMF), Google (or course), and many other governmental and industrial networks.

As our gadgets get smarter and more prolific, they are increasingly becoming more vulnerable to hackers who wish us harm, or who just want to raid our bank accounts. Evidence indicates that world-wide governments, criminal organizations, terrorists, and individuals are trying harder than ever to bypass our security, take over our devices, and all for their own varied and malicious goals.

As Rick Wesson, chief executive of Support Intelligence, a computer consulting firm based in San Francisco, said “If you’re looking for a digital Pearl Harbor, we now have the Japanese ships steaming toward us on the horizon.” (Reported by The New York Times).

First Look inside the military's cyber war room: