Don’t worry about dorm-room hackers, crime rings, or the mafia, said two cyber-security experts Thursday at the Washington Ideas Forum.
Worry about the government. Or, rather, the governments, plural.
“These attacks are happening all the time,” said Dmitri Alperovitch, CTO and co-founder at Crowdstrike, of attacks on American corporate and government servers. “These are not malicious actors, but nation-states, and they want to steal our intellectual property so they can better compete on the markets.”
(As a private cybersecurity company, Crowdstrike is in the business of protecting companies from exactly these kinds of targeted IP attacks.)
Morgan Marquis-Boire, the director of security at First Look Media, agreed. As security lead at that news startup, Marquis-Boire is charged with protecting some of the reporters most focused on the Snowden leaks. And journalistic organizations, he said, are another frequent target of state-sponsored attacks. More than 20 top media outlets have been hacked by governments or others acting in their stead.
Both men focused on the asymmetry of the attacks, and the impossibility of ever fully being protected from them. If you’re doing a story on Chinese leaders illegally enriching themselves, Alperovitch said, “I can guarantee you, you’re already infected.”