1. Introduction: The Hacker Advantage “When a general, unable to estimate the enemy’s strength, allows an inferior force to engage a larger one, or hurls a weak detachment against a powerful one, and neglects to place picked soldiers in the front rank, the result must be rout.” - The Art of War by Sun Tzu In the beginning, God created the heavens and the earth, and in the 20th century AD, mankind created the Internet. So in a sense, today, we inhabit two worlds: on the one hand, the natural world, which we call physical space, and on the other, an artificial world, which we call cyberspace. Increasingly, our way of life depends on a secure cyberspace. This is disconcerting, because the news is filled with stories of cyber-insecurity. What is it about cyberspace that lends itself to criminal activity run amok? Obviously, cyberspace is very different from physical space, but perhaps not so obvious is that some of these differences have significant security implications. Specifically, cyberspace is a distanceless, digital, and dynamic world, and each of these fundamental features of cyberspace tips the scales in the attacker’s favor.1 1.1 Distanceless Even though real distances are involved and time does elapse as we send and receive signals over the Internet, we experience cyberspace as a distanceless world. This distanceless property is what makes the Internet so powerful. Every computer is within instant reach of every other computer, making everything online immediately accessible. On the Internet, physical distance is immaterial. Being a distanceless world has major implications for security. Take, for example, a brickand-mortar bank in a rural Midwestern town. On any given day, this bank has to worry about threat actors like bank robbers, but the number of potential threats is minimal. In 1 This chapter is based on the author’s “Guardians of the Cyber Galaxy” TEDx talk: https://www.ted.com/talks/seth_hamman_guardian_of_the_cyber_galaxy Chapter 1
RkJQdWJsaXNoZXIy MTM4ODY=