DEV Community

Cover image for Security: We have been Fooled.
Scofield Idehen
Scofield Idehen

Posted on

Security: We have been Fooled.

Everything I knew about security growing up I learned from Hollywood movies; the green screens and the nerdish-like look were synonymous with being a hacker and one I wanted to recreate from an early age.

The first laptop I got, I quickly installed a hacker theme and started looking for videos and tutorials that would make me one in a week.

I soon realized this was not how it worked; becoming a hacker was not a walk in the park, and the movies in Hollywood were just overhyped and disenchant.

My first taste of the real world was when I let my guard down since I was so excited and naive about getting into the dark web, only to realize. It was the wide, wide west I got hit by ransomware.

All my files were corrupted. I remember trying to message the hackers, hoping to come to a compromise, but it ended in an impasse.

I took it slowly after this episode and read more, researched, and studied more about security.

I soon learned that the first thing you must learn about security is that you know nothing; just because it works does not mean it is safe.

Humans are the biggest loopholes to any security architecture.

My journey into ethical hacking was met with many setbacks, and I was amazed at how slow we are to change; there are servers without upgrades or patches than you can imagine.

According to CyberNews researchers, they identified more than 2 million web servers worldwide still running on outdated and vulnerable versions of Microsoft web servers.

Another research by Theregister indicates roughly 45,000 instances of the hugely popular CI/CD automation server are vulnerable to CVE-2024-23897, the critical flaw disclosed on January 24. 2024.

These all indicate that security will always be a global threat, as more and more attacks will happen because Dickson ignores the notification to update the servers or Paula uses a company system to download pirated software.

Time again, we are met with waves of hacks, and everyone is waiting for the next big one as more companies are going into negotiations with the hackers; I guess crypto came up with that strategy.

Crypto is another Bermuda triangle with constant hits. Billions have liquidated, and everyone seems not to know what decentralization means, as we are still buying and trading on a centralized platform.

So I wondered what the fuss is about and with ETF coming, what is the purpose of it all.

So why this post, some might ask?

The Snowden exposé showed how much power the state has over security; it was a bombshell in 2013, and while it exposed the five eyes, it led to a real discussion on what true security means for the state and individuals, but other actors have taken it a step forward.

State actors are building sophisticated systems and structures, groups such as Cozy Bear (Russia), Lazarus Group (North Korea), Double Dragon (China), and Helix Kitten (Iran).

We are running a catch-up on security as individuals or corporations.

This group is notorious for interfering with the state and implementing some of the mind-blowing hacks the world has seen, and the state sponsors them.

To end the first part of this discussion, here are my thoughts on the future of security: we face an existential threat from our own government.

Our data is being used as bargaining chips and commandeered by the will and objectivity of war-hungry generals who believe everything is a battle cry.

Share your thought, I wrote this in a hurry, let me know what is missing or if got it right.

Top comments (0)