In the 16th century, Sir Walter Raleigh famously said, "He who controls the seas controls the world." In the 20th century, that saying became, "He who controls the air controls the world," and now in the 21st century it has become, "He who controls cyberspace controls the world." The battlefields have changed, but the game remains the same and it's increasingly difficult to mount an effective defense.
Throughout history, alliances have been born that allowed nations with like-minded interests to pool their resources to achieve their goals, whether they sought economic advantage, strategic protection or conquest. Most recently, we learned from the New York Times that the United States and Israel may have collaborated in the . Stuxnet was designed to attack Siemens controllers for industrial systems, like those used to run the centrifuges in Iran's nuclear production facilities. Stuxnet was so successful that experts believe it may have damaged or destroyed more than 900 centrifuges, setting Iran's nuclear-weapon-production capability back as much as five years.
Stuxnet is a beautiful piece of cyberengineering. But it points out a problem all security professionals face: You can't defend against everything. The United States developed nuclear weapons without the assistance of modern computers. What's to stop Iran, or any other nation with nuclear ambitions, from going old school? Every weapon used to attack will at some point be vulnerable to countermeasures. ? You probably don't like torpedoes much. Controlling the air? You could do without surface-to-air missiles. Controlling cyberspace? You get the idea. If Iran were to unplug, its vulnerabilities would decrease.
Now reverse that idea: As we focus on defending against the latest and greatest cyberattacks, our adversaries can always go old school. Nowhere is this truer than in cyberspace, where are still floating around 10 years after they appeared. Why is this important? Because as we focus on today's threats we may forget to protect ourselves from simpler attacks that worked in the past. There's only so much budget, only so many resources, that any entity can afford to dedicate to defense.