Friday, October 31, 2014

The chaos theory applied to information management

According to chaos theory, any change on a chaotic system could be amplified to the limit. Mathematician Edward Lorenz accidentally came to this conclusion when tired of waiting for his computer to calculate the result of climate change for a specific date considering several initial factors wrote down on a paper the final result and went for a coffee. Nevertheless, after two months simulation, the machine threw a different result from his. But no one of them was correct.

This paradox is commonly called the butterfly effect. CIGTR’s article today is precisely about the butterfly effect. For example, Pew Research says that we will be hit at least by one large-scale cyber attack by 2025. Increased connectivity, democratization, citizens’ digital exposure  and interest shown by governments on cyberwar are among its factors.

To get there, little changes have to be adopted. PandaLabs Quarterly Report is categorical: 20 million new malware samples identified in the third quarter of this year, with a global infection rate of 37.93% (slightly more than 1% compared to the previous quarter) . 75% of them by Trojans,  12.2% increase since the second quarter, followed distantly by PuPs, spyware or adware infections, worms and viruses.

If that's not enough, get ready for the kicker: growing online presence without properly secured devices. At Ekoparty, Cesar Cerrudo warned that American, French, UK and Australian road control systems have not any protection. Sensors installed on thousands of urban roads, which are responsible for monitoring traffic flow and work on traffic lights, send plain information allowing it to be intercepted and even to gain control of the system to perform massive spying.

Some vulnerabilities are large and some others are small, by depending on what level they can become huge. A simple SQL injection on Sony’s website allows attackers to access all PSN users’ data. A silly mistake on a website that manages highly sensitive information of hundreds of thousands of players.

Taking all this into consideration, 2025 seems to be too far away. Nothing else happens because there is no real economic interest to motivate it. Bad boys still have more than enough tools to cause chaos, whether they use vulnerabilities or user’s confidence. And the good ones are increasingly linked, formulating standards and cooperative agreements to repel continuous assaults on this new battlefield.

However the die may be cast and somewhere in the world the flapping of a tiny butterfly is being amplified. If it ends up either at one front or another is something unfortunately unknown.


Post a Comment