
Craigslist Founder Gives $300M to Fund Critical US Infrastructure Cybersecurity (yahoo.com)

Craig Newmark "is alarmed about potential cybersecurity risks in the U.S.," according to Yahoo Finance. The 71-year-old Craigslist founder says "our country is under attack now" in a new interview with Yahoo Finance executive editor Brian Sozzi on his Opening Bid podcast.

But Newmark also revealed what he's doing about it: [H]e started Craig Newmark Philanthropies to primarily invest in projects to protect critical American infrastructure from cyberattacks. He told Sozzi he is now spending $200 million more to address the issue, on top of an initial $100 million pledge revealed in September of this year. He encouraged other wealthy people to join him in the fight against cyberattacks. "I tell people, 'Hey, the people who protect us could use some help. The amounts of money comparatively are small, so why not help out,'" he said... The need for municipalities and other government entities to act rather than react remains paramount, warns Newmark. "I think a lot about this," said Newmark.

"I've started to fund networks of smart volunteers who can help people protect infrastructure, particularly [for] the small companies and utilities across the country who are responsible for most of our electrical and power supplies, transportation infrastructure, [and] food distribution.... A lot of these systems have no protection, so an adversary could just compromise them, saying unless you do what we need, we can start shutting off these things," he continued. Should that happen, recovery "could take weeks and weeks without your water supply or electricity."

A web page at Craig Newmark Philanthropies offers more details: Craig was part of the whole "duck and cover" thing, in the 50s and 60s, and realizes that we need civil defense in the cyber domain, "cyber civil defense." This is patriotism, for regular people.

He's committed $100 million to form a Cyber Civil Defense network of groups who are starting to protect the country from cyber threats. Attacks on our power grids, our cyber infrastructure and even the internet-connected gadgets and appliances in our homes are real. If people think that's alarmist, tell them to "Blame Craig." The core of Cyber Civil Defense [launched in 2022] includes groups like Aspen Digital, Global Cyber Alliance, and Consumer Reports, focusing on citizen cyber education and literacy, cyber tool development, and cybersecurity workforce programs aimed at diversifying the growing field.

It's already made significant investments in groups like the Ransomware Task Force and threat watchdog group Shadowserver Foundation...
  • It is one of mindset. And as long as software, system-administration, etc. needs to be primarily cheap, it will remain grossly insecure.

    • by evanh ( 627108 )

      So true. One thing infrastructure companies don't lack is money.

      • by gweihir ( 88907 )

        Yes. But they do not invest in IT security because they do not understand it and even more money will not change that lack of understanding.

  • by DraconPern ( 521756 ) on Monday November 25, 2024 @02:32AM (#64969935) Homepage
    So.. the money is going to openssl?  opensource oauth2 libraries? open source SAML libs?
    • by jd ( 1658 )

      Why would it necessarily be openssl, when libressl is the fork fixated on security?

      I think it should go to open source projects, but deciding which ones won't be an easy task.

  • Shame Zuck's FB Marketplace ate his lunch. Seriously, I don't think there's anybody left on Craigslist besides the spambots.

  • by jd ( 1658 ) on Monday November 25, 2024 @05:12AM (#64970075) Homepage Journal

    This should have been the emphasis at the start of the millennium, not a quarter of the way through it. We're already under severe attack, attacks that should never have been possible to begin with.

    I understand Craig can only donate so much, he's not as rich as a lot of other folk, but a complete overhaul of US cybersecurity to the point where it's meaningfully secure is going to cost tens of thousands of times that because it has been left so late in the day.

    (Even if it had been done in 2000, you'd still be looking at a hundred times that figure.)

    This is why you don't leave critical stuff until after the last minute. The price of repairing failures when they're already occurring is much, much higher, and the complexity in the past 25 years has shot up.

    It's now at the point where national governments need to be involved, because philanthropists can't come up with the trillions it will now need because nobody in authority bothered.

    Fixing the Titanic as it sinks is always going to be a much harder task than building it right to begin with.

  • For surveillance then the bad guys are going to find those backdoors too, close the fucking doors and that will go a long way in securing the internet
  • by Mirnotoriety ( 10462951 ) on Monday November 25, 2024 @06:15AM (#64970131)
    One thing they could do is not connect their Windows SCADA units directly to the Internet:

    Aug 2003: Slammer worm crashed Ohio nuke plant net [theregister.com]

    Sep 2003: Blaster Worm Linked to Severity of Blackout [computerworld.com]

    Nov 2003: Software Failure Cited in Blackout Investigation [computerworld.com]
  • The chain of custody in Cyberville from a software perspective intrinsically leaves chokepoints for human inputs that betray its security aspirations. Craig congrats for putting money behind an effort to get the ball rolling. At some low level of granularity infrastructure improvements can be made to be more cyber-resistant. Babysteps should be welcome and exuberantly implemented where contagion can be isolated from further encroachment up the chain.
    In a software defined, digitally managed hardware configur

  • https://en.wikipedia.org/wiki/... [wikipedia.org]
    "Brittle Power: Energy Strategy for National Security is a 1982 book by Amory B. Lovins and L. Hunter Lovins, prepared originally as a Pentagon study and re-released in 2001 following the September 11 attacks. The book argues that the U.S. domestic energy infrastructure is very vulnerable to disruption, whether by accident or malice, often even more so than US technology is vulnerable to disruption of the imported oil supply. According to the authors, a resilient energy syst

  • When I think of Craig, I think of Craigslist. And when I think of Craigslist, I think of scams. I see obvious scams. I see people begging scammers not to bother them while they try to sell their legit items, because if you've ever tried to sell something of any value on Craigslist, you've likely been contacted by a scammer.

    I see people giving away and selling pets in every category. I see dating ads in every category. It is not uncommon to see someone selling drugs in any category. Whether or not you agr
  • Now the threat is about to be coming from inside the Whitehouse. GG America.
