Governments Looking to Civilians for Cyber-Security

March 13, 2017

An article came out in January reporting Thai government looking to recruit civilians for cyber warriors. [Source]

“The junta’s move follows a recent series of cyberattacks, reportedly mounted by the hacktivist group Anonymous, in retaliation for Thailand passing a newly amended cyber law, widely considered to be restrictive to users’ internet freedom.”

Interestingly, this same idea was mentioned publically back in 2015 by our own government. [Source]

But is this a good idea? We have seen the discussion of failure on proper vetting for bringing in refugees into the Country. Will the US Government do a better job in vetting civilians to access their servers?

Personally, I think it’s an interesting idea. The fact they are even contemplating this idea gives us a good tell on where we are with cyber-security. If they are seriously considering to recruit civilians to help defend the servers, then they must be overwhelmed with activity against us.

My initial questions on how would they go about to do this?

  1. Access
    a. Would this be via remote? This opens additional issues of security.
    b. Access via physical in network computers. Then you would have to find civilians near a military base.
  2. Training
    a. This would take some time and resources. Even when you get the education in place, you would need a continued education program.
  3. Payment
    a. Those signing up for the military tend to get a bonus or incentive. This generally comes in, via monetary up front or through education and skills. It would be interesting to see the incentive, outside of nationalism.
  4. Time
    a. Outside of the necessary training for education, what time will be required for the civilians? Will they be going online or access the servers on a scheduled time?
    b. Perhaps once education has been satisfied, they will be considered on-call, much like the reserves.

Still, I think this may be a good thing for the security of our infrastructure, if they can figure a way to do this without causing less security.

Allowing access on a physical base poses a different security issue than access on a server.

 

#authormattcole

No Comments

Leave a Reply

Your email address will not be published. Required fields are marked *