First, let me state the problem, then I will tell you the solutions:
Yesterday the world echoed a news about how a hack attack had almost checkmated many hospitals and companies around the world.
You can see here the news: https://www.nytimes.com/2017/05/12/world/europe/uk-national-health-service-cyberattack.html?_r=0
This is big news, some people blamed US government, some people blamed the NSA, here in Spain some people were blaming Nacho Alonso known hacker hired by Telefonica of not having done enough to avoid the attacks…
The only people who blame are the ones making the attack who will be unknown if they did a good job although they should be not so hard to track as bitcoins are traceable and they asked for ransoms in bitcoins. A bitcoin holder is encrypted but with a little of Big Data analysis anyone should be easy to identify with little margin of error.
That would be a matter for many articles itself, but what worries me are not police stories about ransoms and criminals, what worries me is how dependent we have become on technology and how vulnerable it is.
In this era Internet and its security issues should be rethinked and maybe the core of the system should be rebuild from scratch.
There is a simil with Energy. If a million people depend on a nuclear power facility for their energy needs and anyone attack the facility everybody is without energy, but if there are 1 million solar microfacilities in the home of every individual and they all share energy in a protected and intelligent way, it is quite harder for an attacker to break that system.
Internet and computing vital systems should do the same. Instead of huge datacenters in which all rely on, there should be more power on user’s computers and telecommunications companies should share failover protocols to recover from fatal attacks.
The core of the solution is on those companies distributing their power among thousands of centers instead of having just a few backbone centers.
On the other side of the spectrum, we have hospitals, airports, banks …
They totally rely on theur computing systems which is great and modern society need that but as we saw yesterday they can be totally blocked in the case of an attack.
It is a need to have failover system that follows every transaction of the main system and in case of an attack, the secondary system wakes up and assumes control,
This failover system should be apart from the main system and totaly secured. Every log of a transaction in the main system must be recorded in the secondary system and every day all data should be backed up encrypted in the secondary system so as in the case of an attack we can perfectly replicate the main system and the hospital can be working business as usual.
This is tremendously expensive of course, but at the sight of the evil inside the human being and the hate living in our planet we must protect ourselves and make every computing system sustainable.
Furthermore, legislators must take action and make formal Laws against this kind of attackers. If one person die as a direct consequence of an attack on the information system on an hospital, the attacker should be charged with murder, not just with an attack on a computing system.
And in that legislative changes, ethical hackers should be distinguished from bad hackers. As I said many times, it should be all about intention when it comes to judge a human beign.