SMR Knowledge

Building the Knowledge Culture

Dr. Halamka’s Good Notes on Cyberattacks

By

I often recommend Dr. John Halamka’s posts to colleagues, and this one in particular needs to be read.

Life as a Healthcare CIO always comes through with something of value to knowledge strategists, and the April 12 post really got me thinking. My guess is that most of us in the KM/knowledge services “side” of the knowledge domain tend to be pretty lazy about such things as cybersecurity (although I hope that’s changing as we continue to pull away at the “wall” between IT and KM). I have a tiny bit of experience with some of this, but I’m nowhere near any sort of professional or expert in how unscrupulous players get into our data and do bad things.

In Dr. Halamka’s description of a recent security breach at RSA Security, which RSA has shared, he tells a fascinating (and scary) story. Knowledge strategists should take a look.

Not only does Dr. Halamka describe the security breach, he provides us with some basic training in what we need to know about the four “stages” of cybercrime. Here’s what he says, noting that “the attack was remarkably sophisticated and illustrates the evolution of cybercrime over the past 10 years”:

1st Generation – Because I can
Worms, defacement of web sites

2nd Generation – I can make money
Botnets appear, denial of service attacks, seeking payment to stop attacks

3rd Generation – Organized crime
Large scale management of attacks, coordinated use of tools and techniques, trojans, worms Phishing, targeted attacks

4th Generation – Selling the tools
Tools to perform attacks become “vended” with 24/7 support available, Botnet rentals, sophisticated Id theft services, Licensed Malware appears, Exploit knowledge is sold.  Social Networks just for cybercriminals appear.  Cybercrime supply chains are formalized and fine tuned.

Dr. Halamka continues: “I’ve described security as a Cold War – the faster we implement protections, the faster the cybercriminals innovate.”

Let’s learn more and encourage the knowledge strategists we work with to thinking about cybersecurity.

About the Author

Guy St. Clair is the Series Editor for Knowledge Services, the new series (2018) from Verlag Walter de Gruyter GmbH, Berlin, the scholarly publishing house specializing in academic literature. The series subject is knowledge services, the approach to managing intellectual capital that merges information management (including technology management), knowledge management, and strategic learning. Guy also teaches in the Post-Baccalaureate Studies Program at Columbia University in the City of New York, where his course is Managing Information and Knowledge: Applied Knowledge Services. He is the author of Knowledge Services: A Strategic Framework for the 21st Century Organization (Munich: De Gruyter, 2016).

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Information

Follow Us

Recent Blog Posts