The bigger they are the harder they fall.

The higher you go the further you fall.

THESE ARE NEARLY inescapable realities within the human experience. Whether it be gravity, relationships, political or cultural standing: things that rise high and fast inevitably come back down, sometimes just a little bit, and sometimes a whole lot. Sometimes the fall is gradual, other times it is far more quick and violent.

There is no question that technology in general, and companies like Google, Facebook, Apple and Amazon specifically, have truly skyrocketed to unimaginable heights in what seems like the blink of an eye, or the click of a mouse.

Need proof? The top five market caps of all publicly listed companies in the US are technology companies. Five companies (Apple, Google, Microsoft, Amazon and Facebook) have a combined market capitalization over a whopping $3 trillion.

Company Cap Rank Market Cap Went Public Market Cap at IPO % Increase
Apple 1 $847.1B 1980 $1.7B 49,729
Google/Alphabet 2 $680.4B 2004 $23.0B 2,858
Microsoft 3 $646.0B 1986 $778M 82,993
Amazon 4 $566.3B 2012 $461M 122,742
Facebook 5 $523.0B 1997 $104B 403
Total  $3.262 Trillion  $130B  2,005

The meteoric rise of these companies goes far beyond their impact on the stock market. They have infiltrated our lives on a daily, hourly, and even minute-by-minute basis via devices, social interactions, shopping, search engines, cute cat videos and so much more. Their impact on our lives is deep and encompassing.

The rise of each of these companies have not been without some spasms. Apple nosedived after it booted Steve Jobs before welcoming the tech messiah home. Amazon struggled to become profitable for a very long time. Microsoft was late to the internet browser/search game and was forced to play catch-up. Today, Google, Twitter, and Facebook are facing criticism over issues of privacy, monopolization, and even turning a blind eye when state actors, bots, and politicians harness their platforms for malice.

The products and services these companies peddle have become indispensable in our lives and have also come attached to them very serious concerns over privacy, security, personality manipulation, and addiction. The gravity of this becomes more and more apparent and profound the deeper our lives become inoperative without these wares.

The massive Equifax data breach, in which the critical personal and financial information of roughly half of the human population residing inside the United States is an alarming example of the serious downsides that exist when we give ourselves over to the alter of technology.

There is strong evidence that Russia and its operatives used the services of Facebook and Twitter to dabble in the 2016 American presidential election by expertly spreading fabricated news and generally stoking public rancor over a variety of social issues. This tells us that, despite rising market caps, technology is far from good all of the time.

Technology is a tool. Like any tool, it can be used for good, it can be neutral, and it can be used for ill. When technology is used for ill, often it is because morality is sacrificed for profit. Profit need not be purely monetary (though it largely is).  Profit can also be advancing a political agenda and/or causing opposition (whether that opposition be of a differing political party or nation-state) to falter or fall into uncertainty, chaos, and division.

Congress may now examine potential regulations of these media giants. Though Facebook, Google (who owns YouTube) and Twitter may not classify themselves as media companies, they certainly are acting as such. When it walks like a duck…

Around two thirds of American adults get some form of news from social media.   Whether or not these outlets “intend” to act as sources of news, they are being used in that way. That they have virtually zero editorial standards and are, in many cases, allowing all manner of unsourced and unreliable contaminants to infect discourse has not really been addressed. This won’t be for much longer. Addressing this problem will be contentious and complicated (signs of it are showing already) but it will be nonetheless addressed.

In one way or another, notable technology companies headquartered on the west coast of the United States are currently facing the following:

  1. Issues Around User Privacy
  2. Potential New Regulations and Restrictions
  3. Anti-Competitive Challenges (most especially from European nations)
  4. Cybersecurity Challenges
  5. Negative Press Around Company Practices and Executives
  6. Acting as an Uncontrolled Conduit for Fabricated Information and Abuse

These problems will not be solved overnight.

In the meantime, cybersecurity, what to do about cybersecurity?

 

THE VERY REAL corrosive nature of cybersecurity (or bad cybersecurity, I should say) poses such high financial, privacy, and reputational risks that it can and will seriously threaten how far and how wide we can take technology integration. Cybersecurity, or the concerns that surround it, could even cause a decline or dramatic slowing of technology growth.

While technology has opened many more doors between companies and consumers to pass information and transactions between them, it has also opened a very insecure gateway. This gateway often lets bad guys do bad things, like steal user or company data, spoof, dox, phish, go whaling, all sorts of fun stuff.

I have screens on my windows. Indeed, these screens can hinder a nice soft summer breeze, and yet they also keep out bees, wasps, mosquitoes, and bats (creatures I don’t really want to soar around my home). In this way, I am forced to sacrifice the unadulterated comfort from an unimpeded soft summer breeze to halt winged beasts from invading my domicile.

This analogy is a good indication of how I see the internet evolving. Right now, we have windows with screens that contain large holes or gaps in them. Even when adequate screens exist, we aren’t very good at maintaining these screens. When a hole in the screen opens, we don’t fix it until we get stung once or twice or ten times by a pack of angry, buzzing hornets.

In our rush to leverage everything we can from the web as quickly as we can, we have installed thousands of very big windows featuring inadequate screens. This might be alright if we lived in a world where winged beasts weren’t stalking about, but we do not. Similarly, we do not live in a world where everyone uses the internet in an upstanding and decent way. Indeed, if cybercriminals were winged beasts, the internet could be classified as the world’s most terrifying ecosystem. And we, or the companies that represent us (I’m looking at you Equifax) have basically handed over personal and financial data as if they were staring down the barrel of a gun in a dark alley.

As an aside, do we really need three credit bureaus? I suppose three times the fun, three times the opportunity to have our personal information held hostage for eternity.

The world is simply unstable. There is constant conflict, and this often leads to war.

In war, much is sacrificed in the aim of victory. The first causality is often the truth. The second is civility. History has shown that nations (and their leaders) have very little hesitation using deadly weapons such as mustard gas, nuclear bombs, napalm, and more, to achieve triumph. So, it is of little surprise that cyber weapons are now being harnessed to gain political advantage.

The cost and physical barriers to creating and using cyber weapons is virtually zero when compared with what it takes to design, create, test and use conventional weapons like the ones listed above. This is only amplified by the fact that in a rush to build cyberspace, we have sacrificed security for increased ease and lower cost.

Cyber weapons are already being used by countries aiming to seriously unsettle and damage another. The Stuxnet virus, likely created by the combined efforts of the US and Israel, specifically targeted and damaged a number of Iran centrifuges to disrupt the country’s nuclear program. Russia, as mentioned above, has used cyber weapons to interfere with elections in the US and Europe. There are likely more instances of the deployment of cyber weapons for which we are not aware. Unlike many other conventional weapons, there are no international standards or accords which govern the creation and use of cyber weapons. Unfortunately, we tend to have the bad habit of waiting until something very bad happens before we bother with crafting this type of regulation.

What will occur when one of these cyber weapons is used on a massive enough scale to cause very serious damage to another country? There are nearly endless possible scenarios of the damage a well deployed cyber weapon could inflict. Worst-case scenarios might include a lengthy disruption of an electrical grid and the havoc that would ensue on an unsuspecting populace. Another example could include a targeted attack on a nuclear power plant. As Stuxnet shows us, this is a very real possibility.

Cyber weapons have already caused real world damage: Stuxnet, election meddling, hacks on Equifax, Sony and others plus countless other large and small cyberattacks. Hospitals have been hit with ransomware, forcing critically ill patients to be moved from one hospital to another. There is zero reason to think that cyberattacks will abate. Especially considering the cracks are widening. With every device added, more holes are created.

 

ESSENTIALLY, SECURITY IS based on computer code, very complex computer code.  More complex code is more likely to have greater vulnerabilities because of its complexity.

While code is an unfixable weakness, people also compound the problem, creating threats and attack vectors. Insiders can commit acts because they are angry or disgruntled or they could be motivated by profit or idolatry. In any case, a notable percentage of cyberattacks involve human insiders set on causing harm.

Up to now, we have mostly benefited from the current explosion of technology innovation. Yet, with this innovation, some threating things are now occurring. We have built very complex and very interconnected technologies that sit at the core of our daily lives and are essential to our basic needs. These technologies are increasingly difficult to secure. The Equifax breach was caused, in large part, by a simple failure to apply an available patch to a known exploitable vulnerability in software. Merck pharmaceuticals was also seriously damaged by a comparable attack, around this same time, because of a similar oversight.

We have created a pretty large target for the bad guys, and by successfully hitting this target, significant disruption can occur. We also do not have a very viable solution for minimizing these threats or decreasing the size of this target. Quite the contrary, we just keep making the target bigger.

No one can predict the future with 100% accuracy. Yet, it doesn’t take a Nostradamus to see that cyber weapons will be created and used for maximum and lasting effect to suit both the rational and twisted purposes of persons or nation-states.

This event will come, what some refer to as a “Cyber Pearl Harbor.” We may see the tampering of a nuclear plant or damage to an electrical grid affecting millions. It could be a power surge or computer virus which destroys millions of devices. The potential scenarios are endless. The public’s faith, trust, and love of technology will then be seriously impacted.

People will then confess their shock and surprise. In reality, however, there should be no surprise. This event is inevitable. Yet, instead of preparing for such an event, we continue to increase our reliance on technology without confronting these inherent dangers. Our continued procrastination will lead us nowhere good.

We are experiencing a technology backlash at some level, and this backlash will increase. It will do so exponentially after something very big, very impactful, and very damaging happens. This event will be directly caused by our unwillingness to be diligent stewards around our furious development of technology.

You can clearly see ominous clouds gathering on the horizon. These clouds take the forms of Stuxnet, ransomware, and the major cyber breaches that have affected Equifax, Merck, Sony, Target and many others. They portend of a major storm to come. They are warning us. Unfortunately, we do not seem to be paying adequate attention. Nonetheless, the storm will come.

Soon, we will be forced to examine technology and its impact. We will be forced to reckon with the way we develop technology, and our failings at adequately securing it.

I ONCE HAD a friend who owned a pet snake. It was a boa constrictor. When he purchased the snake, it was two feet in length, both interesting and harmless. He enjoyed letting his new pet slither around his body. He was aware that boa constrictors grow, become more powerful and remain wild animals that can never truly be domesticated like a cat or a dog. Yet, he liked his snake very much, and he enjoyed interacting with it so much that he placed those worries out of his mind.

He took very good care of his pet snake and fed it regularly. In time, the snake grew bigger, longer, thicker, and stronger.

One day, he was letting his pet snake slither across his body. Without any warning, the snake began to tighten around his left leg. This is something the snake had done before, but it was never strong enough to do any damage. He was always able to pull the snake off. This day was different, however. This day the snake was strong enough so that he could not remove it from his leg. The snake tightened more and more around his leg, until the situation became both painful and alarming.

Had my friend been alone, there is no telling what might have happened. Likely, he could have lost a leg or worse. As it happened two of us, his friends, also happened to be in his room. After we stopped laughing at his initial cries for help, and understood the gravity of the situation, we came to his aid. It took all three of us no small amount of effort, and several minutes, to get the snake off of his leg.

The lesson here is that even though my friend understood the danger his pet snake could inflict, he still deliberately helped it grow bigger and stronger, and he was shocked and surprised when it tried try to crush the life out of him.

In the end, my friend was forced to get rid of the snake. In hindsight, he probably should have done so long before he did, or at least kept it securely in a tank. But he loved and trusted the snake; he enjoyed interacting with it. He ignored the danger that was right in front of him.

Was my friend dumb?  Yes. He got lucky. The snake wanted to kill him and eat him. It tried to kill him and eat him. It was always going to, one day, try to kill and eat him.

For all its wonder, technology is also very dangerous. We must never forget this, or the consequences will be severe.