Experts think so. William Jackson over at Government Computer News has written a great article about the latest attacks and what experts think we need to do:
The CIA has become a member of a less-than-exclusive club of high-profile targets hit by online attacks, falling victim to a denial-of-service attack that temporarily took down its website.
The outage was reported June 15 and the LulzSec hacker group claimed credit. Other recent victims of a variety of attacks include defense contractors Lockheed Martin and L-3 Communications, the website of the Atlanta InfraGard chapter, the International Monetary Fund and the U.S. Senate.
Some of the attacks were targeted, using data stolen earlier this year from EMC’s RSA security division, some involved webpage defacements and others were simple denial-of-service attacks.
“They all have one common denominator,” said Eric Giesa, vice president of product management for F5 Networks. “All of them are preventable.”
Giesa blamed the cybersecurity industry as much as the users for the lack of preparedness. “Shame on the industry,” he said. “We haven’t been doing a good enough job of educating people how to protect against these things.”
“A lot of this stuff we should be able to stop,” agreed Kevin Haley, a director of Symantec Security Response. “But we’re not. People haven’t been doing the easy things to stop the attacks.”
Read the rest of the story over at gcn.com