Criminals, spies swamp cyber world: experts

Aug 04, 2010 by Sebastian Smith
Speaking about the dire state of online security, leading IT security experts are claiming there is no way to prevent threats and to defend large-scale environment today.

Finally the world has a hacker-proof communications device. The bad news? It's a brick in a glass case. The joke, told to a cyber conference Tuesday in New York, illustrates what top US experts describe as the dire state of online security.

"Threats today are basically not preventable," said Amit Yoran, a leading IT consultant and CEO of NetWitness Corporation. "There's basically no way to defend any large-scale environment today."

The spoof brick really exists -- right in the lobby of the secretive US National Security Agency, Yoran said. And that's to remind America's top cyber spooks how limited their powers really are.

Yoran described a world where hackers operate mostly with impunity, since they are rarely caught -- or extradited when found -- and at great profit.

Nor are they all lone teenage computer geniuses playing for kicks.

Organized gangs and government-sponsored spies are the real threat, making cyber crime a bigger sector even than , he said. "It's a very complex set-up."

The gloomy diagnosis from the FBI-sponsored conference at New York's Fordham University comes when the Internet and society are becoming more integrated by the minute.

Everything from countries' military maneuvers to ordinary citizens' grocery shopping is increasingly organized online.

In fact the entire US economy, White House cyber security coordinator Howard Schmidt told the conference, essentially rests on safe Internet facilities.

Last year saw 10 trillion dollars in online business, a figure forecast to hit 24 trillion in another decade, he noted.

Yet, incredibly, the business world has yet to grasp the threat that online thieves and vandals pose. Almost half of small businesses don't use and even fewer use it properly, Schmidt warned.

"There has been enough exfiltration of personal property in this country in the past years to fill the Library of Congress over and over again. So we must do more."

But chasing cyber criminals is a task that can exasperate the most powerful sleuth.

"Cyber criminals are not constrained by geographic borders," said Michael DuBose, head of the computer crime section at the Department of Justice.

"A Romanian sitting at his kitchen table can penetrate a US network within seconds and exit just as quickly."

The hackers' "world has become a lot smaller," he added, but "they prey on what is essentially a global victim pool."

Another hurdle, according to the FBI's cyber division deputy assistant director, Jeffrey Troy, is outdated legislation, combined with the usual complications of cross-border probes.

"We need to be operating like one global law enforcement agency," he said. Instead "a lot of countries don't have laws that fit the crime... We're using laws that were written when no one even had thought of the crime."

Experts at the conference also lamented what they said was the failure of private software companies to come up with adequate defenses.

In the end, they said, all that can be done is to mitigate the problem and make the hacking business -- ranging from theft of bank details and spam advertising to espionage and terrorist sabotage -- less easy.

Gary Gagnon, from the IT security firm MITRE, joked the biggest problem was people -- "users who just can't help clicking" on infected files.

But he said no one should ever feel smug about security levels.

"If (hackers) are determined to get in our network, they'll get in. The odds are stacked in their favor."

Explore further: Twitter looks to weave into more mobile apps

add to favorites email to friend print save as pdf

Related Stories

Cyber criminals targeting small businesses

Sep 14, 2009

(AP) -- Cyber criminals are increasingly targeting small and medium-sized businesses that don't have the resources to keep updating their computer security, according to federal authorities.

Cyber warriors gather as online battles rage

Feb 28, 2010

US national security leaders and top cyber warriors from around the world are gathering here to plot defenses against criminals and spies that increasingly plague the Internet.

Obama setting up better security for computers

May 29, 2009

(AP) -- America has for too long failed to adequately protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to take on the job.

Recommended for you

Google offers peek into Bhutan with Street View launch

2 hours ago

Google provided a sneak peek into Bhutan Thursday by unveiling a Street View project for the remote Himalayan kingdom, featuring panoramic views of its majestic mountains, monasteries and crystal-clear rivers.

Twitter looks to weave into more mobile apps

15 hours ago

Twitter on Wednesday set out to weave itself into mobile applications with a free "Fabric" platform to help developers build better programs and make more money.

Google unveils app for managing Gmail inboxes

17 hours ago

Google is introducing an application designed to make it easier for its Gmail users to find and manage important information that can often become buried in their inboxes.

Fighting cyber-crime one app at a time

22 hours ago

This summer Victoria University of Wellington will be home to four Singaporean students researching cyber threats. The students have been working with Dr Ian Welch, a lecturer in Victoria's School of Engineering and Computer ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

ODesign
5 / 5 (2) Aug 04, 2010
Probably this is disinformation.

Lots of ways to mitigate the problem with a positive ROI. Change the economics of hacking to reduce it. This is the technology behind reducing buglaries and traditional crime.

Article suggests nothing can be done and it requires thousands of isolated individuals and business to spontaneously change their behavior.

By fallacious discounting and not considering the other solutions, the article then leaves us with the only possible solution suggested "We need to be operating like one global law enforcement agency". . . hmm. looks like a hijacked agenda to me. I'm not arguing that a global police system wouldn't help with hackers. . . We could also solve the problem by setting fire to all computers. Just because a solution solves the problem doesn't make it a good choice.