💾 Archived View for gmi.noulin.net › mobileNews › 1022.gmi captured on 2023-06-16 at 21:10:01. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-01-29)

➡️ Next capture (2024-05-10)

-=-=-=-=-=-=-

Cybercrime threat rising sharply

2009-02-02 11:39:30

By Tim Weber

Business editor, BBC News website, in Davos

The threat of cybercrime is rising sharply, experts have warned at the World

Economic Forum in Davos.

They called for a new system to tackle well-organised gangs of cybercriminals.

Online theft costs $1 trillion a year, the number of attacks is rising sharply

and too many people do not know how to protect themselves, they said.

The internet was vulnerable, they said, but as it was now part of society's

central nervous system, attacks could threaten whole economies.

The past year had seen "more vulnerabilities, more cybercrime, more malicious

software than ever before", more than had been seen in the past five years

combined, one of the experts reported.

But does that really put "the internet at risk?", was the topic of session at

the annual Davos meeting.

On the panel discussing the issue were Mozilla chairwoman Mitchell Baker

(makers of the Firefox browser), McAfee chief executive Dave Dewalt, Harvard

law professor and leading internet expert Jonathan Zittrain, Andre Kudelski of

Kudelski group, which provides digital security solutions, and Tom Ilube, the

boss of Garlik, a firm working on online web identity protection.

They were also joined by Microsoft's chief research officer, Craig Mundie.

To encourage frank debate, Davos rules do not allow the attribution of comments

to individual panellists

Threat #1: Crime

The experts on the panel outlined a wide range of threats facing the internet.

There was traditional cybercrime: committing fraud or theft by stealing

somebody's identity, their credit card details and other data, or tricking them

into paying for services or goods that do not exist.

The majority of these crimes, one participant said, were not being committed by

a youngster sitting in a basement at their computer.

Rather, they were executed by very large and very well-organised criminal

gangs.

One panellist described the case of a lawyer who had realised that he could

make more money though cybercrime.

He went on to assemble a gang of about 300 people with specialised roles -

computer experts, lawyers, people harvesting the data etc.

Such criminals use viruses to take control of computers, combine thousands of

them into so-called "botnets" that are used for concerted cyber attacks.

In the United States, a "virtual" group had managed to hijack and redirect the

details of 25 million credit card transactions to Ukraine. The group used the

data to buy a large number of goods, which were then sold on eBay.

This suggested organisation on a huge scale.

"This is not vandalism anymore, but organised criminality," a panellist said,

while another added that "this is it is not about technology, but our economy".

Threat #2: the system

A much larger problem, though, are flaws in the set-up of the web itself.

It is organised around the principle of trust, which can have unexpected

knock-on effects.

Nearly a year ago, Pakistan tried to ban a YouTube video that it deemed to be

offensive to Islam.

The country's internet service providers (ISPs) were ordered to stop all

YouTube traffic within Pakistan.

However, one ISP inadvertently managed to make YouTube inaccessible from

anywhere in the world.

But in cyberspace, nobody is responsible for dealing with such incidents.

It fell to a loose group of volunteers to analyse the problem and distribute a

patch globally within 90 minutes.

"Fortunately there was no Star Trek convention and they were all around," a

panellist joked.

Threat #3: cyber warfare

Design flaws are one thing, cyber warfare is another.

Two years ago, a political dispute between Russia and Estonia escalated when

the small Baltic country came under a sustained denial-of-service attack which

disabled the country's banking industry and its utilities like the electricity

network.

This was repeated last year, when Georgia's web infrastructure was brought down

on its knees during its conflict with Russia.

"2008 was the year when cyber warfare began.. it showed that you can bring down

a country within minutes," one panellist said.

"It was like cyber riot, Russia started it and then many hackers jumped on the

bandwagon," said another.

This threat was now getting even greater because of the "multiplication of

web-enabled devices" - from cars to fridges, from environmental sensors to

digital television networks.

The panel discussed methods that terrorists could use to attack or undermine

the whole internet, and posed the question whether the web would be able to

survive such an assault.

The real problem, concluded one of the experts, was not the individual loss.

It was the systemic risk, where fraud and attacks undermine either trust in or

the functionality of the system, to the point where it becomes unusable.

What solution?

"The problems are daunting, and it's getting worse," said one of the experts.

"Do we need a true disaster to bring people together?," asked another.

One panellist noted that unlike the real world - where we know whether a

certain neighbourhood is safe or not - cyberspace was still too new for most of

us to make such judgements. This uncertainty created fear.

And as "the internet is a global network, it doesn't obey traditional

boundaries, and traditional ways of policing don't work," one expert said.

Comparing virus-infected computers to people carrying highly infectious

diseases like Sars, he proposed the creation of a World Health Organisation for

the internet.

"If you have a highly communicable disease, you don't have any civil liberties

at that point. We quarantine people."

"We can identify the machines that have been co-opted, that provide the energy

to botnets, but right now we have no way to sequester them."

But several panellists worried about the heavy hand of government. The

internet's strength was its open nature. Centralising it would be a huge threat

to innovation, evolution and growth of the web.

"The amount of control required [to exclude all risk] is quite totalitarian,"

one of them warned.

Instead they suggested to foster the civic spirit of the web, similar to the

open source software movement and the team that had sorted the YouTube problem.

"Would a formalised internet police following protocols have been able to find

the [internet service provider] in Pakistan as quickly and deployed a fix that

quickly?" one of them asked.