I have a better idea... why not pass a law that makes having critical infrastructure systems accessible via internet ILLEGAL YOU FUCKING MORONS. Pff nonsense, if we ask nicely companies to be secure, they will! In fact, let's give them immunity! Yeah, damn those HACKERS! Scumbags.. sitting in their homes eating chips and drinking mountain dew... Using LOIC to DDoS my playstation fun.... In fact, let's treat them like ORGANIZED CRIME! Countdown for the government to use this to quash DDoS protesting in favor of Wikileaks 3..2...
Just get Tor. They can put up all the laws they like. But making laws without a group of people meant to catch hackers is idiotic. And the fact is that there is so much illegal crap on the web that they would spend 100% of their time getting rid of websites and would be too occupied to get rid of hackers. There are nearly 2 billion people. That would require a police force the size of a small country.
Sure, but there are such things as VPNs, and truly private networks. For instance, I work from home, and connect to work over the Internet using an encrypted up the wazoo VPN. Once onto the company LAN, I then have to authenticate through a proxy, to get to inside the datacentre network and through it's Firewall. That only gets me access to a couple of terminal servers, which I have to log into, and then I can get access to the rest of the servers from there. That's just for regular servers, there's two more levels of cryptography/authentication to get onto the low level security environments. That's all I'm cleared for. I'm sure decent cryptography and a DMZ would keep hackers off critical infrastructure servers.
The function of certain critical infrastructure REQUIRES ACCESS by internet. Internet is the medium which most government infrastructure are LINKED, and it is the whole reason internet exists. Internet was not originally created for your enjoyment buddy. Lol.
How are you going to isolate inferstructure? Take health and education which are the 2 biggest uses of communications. How exactly are you going to isolate the GP clinic in Alice springs which needs to send MRIs down to the RAH in Adelaide to be interpreted WITHOUT using the normal phone network or the internet? If it uses anything other than one dedicated cable with guards along it to stop physical tapping? Then there are the ambos driving around transmitting ECGs to central hospitals in Queensland for interpretation, all wireless communications can be intercepted. How do you stop this? Hell the government radio network is so open that you can hear the ambulance services general alarm going off in the back of the 10 news services. Australia is WAY to big to run hard lines directly to ever piece of inferstucture to isolate it, its just not possible
Nope. Secure systems and encryption work. Part of my job is monitoring and applying security policy, as well as detecting systematic attacks. Nobody gets through to our unsecure systems, let alone our critical/secure ones. We have encrypted VPNs, hardened servers, and perform incursion tests of our own.
Hardly. Not one incursion in ten years. Why would they hack us, when it's hard, and has little tangible benefit, when they can hack Sony, and get credit card details? Low hanging fruit get picked first.