Dec 162010

Security and the law have not caught up with technology and the outlaws. But most people seem to be ignoring the risks in favor of the opportunities and I don’t see that changing in 2011. A high profile incident is bound to happen, probably sooner rather than later.

The headlines this year have been full of security issues facing the internet. First, there was the Zeus Trojan Horse which has stolen millions of dollars from small businesses and individuals. Zeus steals your credentials from your computer, and then uses them to make numerous small transfers from your bank account (under the $10,000 limit for reporting) until it has been emptied out. Since your computer was at fault, banks don’t feel liable for the theft. Zeus is a toolkit that has sold tens of thousands of copies on the Internet black market. Not wanting to be left out, SpyEye is a competing toolkit that not only steals your credentials, but kills Zeus in the process if it detects it. These ‘crimeware’ kits are purportedly developed and sold by organized crime. Oh, and by the way, they are virtually undetectable by most antivirus software.

But it’s not just the crooks that are out there. The Stuxnet virus hit the news this summer after being discovered as having attacked Iran’s Bashehr and Natanz nuclear facilities. Although the Pentagon can neither confirm nor deny knowledge of the virus, the incredible sophistication of the virus points to a few, highly skilled intelligence communities. It was reported just this week that Stuxnet is still wrecking havoc and Iran still hasn’t gotten it under control.

Then of course there is WikiLeaks. First with documents related to the war in Afghanistan, then a few months later, hundreds of thousands of diplomatic communications. The government agencies in charge say it will take years to properly secure their networks. But, when certain organizations went to shut down WikiLeaks operations (such as Amazon, PayPal, Mastercard, etc.) all hell broke loose. Members of the group Operation Payback initiated Denial of Service (DDoS) attacks on those sites. In addition, up to 3000 people downloaded programs from different websites that allowed them to contribute to the DDoS attacks against numerous free speech foes including Joe Lieberman and Sarah Palin (ironically for speaking their minds).

It’s the Wild West in Cyberspace. Be careful out there.

[Editor’s Note: This post is part of the annual “Cutter Predicts …” series, compiled at the Cutter Consortium website.]


Mike Rosen

Michael Rosen has more than 20 years technical leadership experience architecting, designing, and developing software products and applications.


  One Response to “The ‘Wild West’ of Cyberspace will Get Worse Before it Gets Better”

  1. omg, you are are right, the stuxnet was something else. I feel that security will always be a step behind because of the proliferation of complex technology and the open world that we now live it with respect to privacy (facebook, twitter, etc.). So if sophisticated attacks don’t harm you, good old social engineering is always a viable backup.

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>