Hacker News

It doesn't need to be on the internet to be catastrophically exploited. Most buildings have zero defense against tailgating, let alone sophisticated covert entry. Most organizations contain people who can be tricked, bribed, or accidentally hire an adversary.

Disconnection can stop drive-by malware, people trawling for additions to their botnet collections. Someone who wants to launch a coordinated attack will have no problem getting behind the firewall or across the air gap at enough interesting networks to cause serious harm.

We have to actually write secure software.




> Most organizations contain people who can be tricked, bribed, or accidentally hire an adversary.

I've been thinking about this all week. I discovered a fairly big vulnerability in our software the other day that allows anyone in the company to access data they shouldn't. It's not national-secret-level data, but enough that it could be somewhat valuable. We also have a number of people of a certain nationality that's somewhat hostile to the West; many of those people are programmers.

How would you differentiate incompetence that led to the vulnerability from maliciousness that intentionally caused it?


So you're saying because you employ people from a country that's hostile to the west you trust them less than people from your own country?

Sounds like the vulnerability isn't your primary problem.


Hostile and known for subterfuge. Most are probably alright but one in particular also had a run at politics with a fair bit of financial backing from this country.



