Good morning. It’s a pleasure to greet you here at NYIT this morning and be among the 10 types—that’s a 1 and a zero types—of people in the world: those who understand binary code and those who don’t.
As you know all too well, every year the need for security in cyberspace becomes more urgent—so I’m glad you’re here … and so is my smart phone.
Today we have at least one billion PCs in the world. Perhaps two billion smartphones. There are five billion cell phones worldwide, and soon they’ll all be smartphones, all connected to the Internet. We know that malware threats are rising exponentially, and many of the latest are targeting mobile devices. In fact, today we need to be concerned about “drive-by downloads”... another new phrase that will become part of our vernacular.
The Internet controls everything, or rather everything is becoming controlled through the Internet. It is our global nervous system. You see its results on the screen, but for most people, the extraordinary mechanisms behind that screen are invisible.
The Internet also lets us connect with almost anyone on Earth. And that’s a great thing. But there’s a downside—the Internet lets almost anyone on Earth contact us…and in some cases spy on us and more.
And while being spammed is a nuisance, we’re here to consider the more invasive connectivity that threatens the security of both the public and private sectors, and all of us.
North Korea, for example, outsources its cyber soldiers, paying for an elite corps of international hackers while the country begs for food relief. And it’s pretty safe from Internet retaliation—since North Korea has no Internet.
Other governments are hacking big U.S. companies to steal their intellectual property. In Romania, a whole town is getting rich off such contact. Its nickname is “Hackersville.” There, in the shadows of the Transylvanian Alps, men drive BMWs and women flaunt precious jewelry, trophies of their cyber blood-sucking.
And then there are those emails coming from Nigeria. Who knew there were so many princes in that country? Their urgent pleas for cash have entertained a whole generation, yet they’re also doing well. In 2009, the Dutch firm Ultrascan put the Nigerian take for that year at $9.3 billion—a big increase from the $6.3 billion in 2008. In the end, no kind of security can completely protect people from themselves.
But we’re getting better at it. And that’s part of another big trend. We call the field – your field – “cyber security” today—but tomorrow we’ll just call it “security.”
It will all be cyber, and will be much more visible. It will even protect people who will still use “password” as their password. But maybe not those people who, when asked for a password of eight characters, type in “Snow White and the Seven Dwarfs.”
Have you got a physical key in your pocket? This is very old technology. It goes back to the time of the pharaohs, four thousand years ago. The Egyptians used the same pin-tumbler approach we see today, but we know now that physical keys aren’t very secure. For instance, before keycards, thieves used to check into hotels, copy the key, and then come back to steal. Car security was a problem too. Once, there were less than two thousand different keys for all Ford cars, so each key could open and start thousands of cars. That’s probably not what the company had in mind then it came up with the slogan, “Have you driven a Ford lately?”
Software has changed all of that. Car thefts have dropped forty percent in the U.S. since 2003, and “keyless” keys are a big reason for this.
As we program electronic keys and locks, we can tailor them to specific uses. With a software key, a guest can use your house for two days, but not longer. With rental services like Zipcar, you can tell the key to work for only so many hours, or only in certain places.
Software let us go even farther. We already ID people quickly and accurately through biometric means, for example. This way, people don’t have to remember anything … and their fingerprints and retinas are hard to duplicate. Moreover in some countries, walk off a plane upon arrival and before, before, you reach customs and get to an old-fashioned stamp in your old-fashion travel diary of a passport, you have been fully identified and a startling amount of information about you is ready for review, especially if you are a perceived bad guy. Most of us think of the customs officials and gates as border security…sure if you have too many bottles of perfume in your luggage or if your student-visa is not properly recorded. But real border security is something else and it is digital.
Security, meanwhile, becomes all the more essential in regard to digital cash. People won’t use it if they think hackers can empty their bank accounts. And since these thefts often take place invisibly, people need strong assurances. They need new and increasingly refreshed safeguards.
We can certainly prevent digital holdups, but not if cyber attackers can actually get inside the software. Then it would be possible to be “robbed” from Romania or Russia and not even know it. So we need cyber bank guards—really, banking system guards—to make us secure. You know all this.
Anything the Internet touches, whether it’s the money flow, an airline reservation system, or a water treatment plant, is vulnerable. President Obama has stated the obvious, quote, “the cyber threat is one of the most serious economic and national security challenges we face as a nation” unquote, and that, quote, “America's economic prosperity in the 21st century will depend on cyber security.” Unquote.
The Roman Empire had only physical borders. But our nations have cyber borders, too. You are the guardians of them—and of our economic prosperity. As a model 21st-century global university educating students across borders helps spur productive dialogue on these critical issues to raise awareness and contribute to finding solutions. And also to protect ourselves. Here at NYIT we see between a million and two million discrete attacks each day attempting to breach our firewall; naturally the vast majority are broad automated attacks by people and computers hoping to find a sign of weakness.
At NYIT, we are educating and training students to join your ranks. A good university is what I like to call an idea incubator, the zone of exploration where we promote new ideas, accept failure, reward creativity, breed innovation, and foster interdependent learning. Core to this is providing students with the skills to assess and properly use the information they are gaining, and to leverage technology as a tool for the greater good. Perhaps to even go out into this invisible Wild West where you already do your great work.
We look forward to lively presentations and discussions today. Our speakers are impressive.