Friday, March 31Welcome

The tech ecosystem has ‘been really insecure’

The head of America’s top cybersecurity agency warns that the current technology ecosystem that underpins much of our lives is at risk of being hacked by malicious actors.

In an interview with Yahoo Finance at CES 2023 in Las Vegas, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said the technology industry, consumers and governments are working together to improve cyber safety in the United States. I explained that it needs to be improved.

“We live in a massively connected world, and the critical infrastructure we rely on is all driven by technology ecosystems,” said Easterly, former head of farm resilience at Morgan Stanley. It’s supported and unfortunately very insecure.”

She added: We need to create a sustainable approach to cyber safety and that’s the message I’m giving her at CES. ”

WASHINGTON DC - APRIL 28: Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly testifies before the House Subcommittee on Homeland Security at the Rayburn House Office Building in Washington, DC on April 28, 2022 To do.  Easterly testifies about his fiscal 2023 budget request for CISA.  (Photo by Kevin Deitch/Getty Images)

Jen Easterly, Secretary of the Cybersecurity and Infrastructure Security Agency (CISA), testifies before the House Subcommittee on Homeland Security at the Rayburn House Office Building in Washington, DC, April 28, 2022. (Photo by Kevin Deitch/Getty Images)

Easterly, who became director of CISA in 2021 and helped create and design the U.S. Cyber ​​Command, said technology companies need to make sure the software they expose to the world has fewer flaws that hackers can exploit. explained.

“We have basically accepted that technology with tens, hundreds, and thousands of vulnerabilities, flaws, and flaws will be released to the market as normal,” he said. “We have accepted the fact that cybersecurity is my job, your job, my mother’s and my children’s job, but we have the best equipment that can do something.” It put the burden on the consumer, not on the companies that have it.

In recent years, hackers and state actors have targeted everything from critical US infrastructure to IT systems that help small towns serve their residents. Example: In 2021, hackers attacked JBS, the world’s largest meat supplier, and demanded an $11 million ransom. That same year, attackers breached the Colonial Pipeline system, threatening a fuel shortage on the East Coast. Hackers also launched ransomware attacks against hospitals and hospital systems throughout the pandemic, forcing facilities to delay patient care.

Hackers can exploit weaknesses and errors in the code that makes up the operating systems and software that power computers and servers around the world to gain access to systems. Because that code is written by humans, and humans are flawed, it inevitably introduces a potential vector from which hackers can launch attacks.

Easterly said technology companies like Microsoft (MSFT) that power the world’s computers must hold to higher standards to ensure their software is as flawless as possible. .

To do that, companies must create products that are designed to be secure, ensure software security settings are on by default, and CEOs accept appropriate cyber responsibilities for their companies, the director said. said.

“Cyber ​​is a social good,” said Easterly. “It’s about social resilience. And my final message is that we need to fundamentally change the relationship between government and industry.”

Sign up for Yahoo Finance’s Tech newsletter

Other works by Dan

Any tips? Email Daniel Howley ( Follow him on Twitter. @Daniel Howley.

Find the latest tech business news, reviews, and helpful articles on tech and gadgets here

Read the latest financial and business news from Yahoo Finance

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *