Skip to main content
The Russians are Coming

“We woz robbed”, and it’s not football I’m referring to.

There are no penalties in cyberspace. Just ask AOL, which having just lost 92 million email accounts to the spammers, is doing it’s very best to assure customers, that as ever, security remains at the very top of the company’s priorities.

In fact, it’s hard to blame AOL when something like this happens. Back in the earliest days of the World Wide Web, when Netscape version 1.0 reigned supreme and Microsoft’s Internet Explorer was a small joke, I was the Director of one ISP, who had a call from the Police one morning, telling me that the entire subscriber database, with passwords, was sitting-up in a popular hacker newsgroup.

At the time, we didn’t realise how pathetically vulnerable the technology of the Internet was. Many of us at the beginning of the online revolution were at the mercy of a small team of ‘expert’ system administrators who frequently resembled refugees from a ZZ-Top concert and security was often secondary to building a network organically and fast enough to keep up with customer demand.

This month, I spoke at a MessageLabs Security Forum alongside Spamhaus’ Steve Linford and MessageLabs CTO, Mark Sunner. My job was to talk about information security as a board level responsibility and Mark and Steve presented a double act on the size of the security problem now facing society.

That problem now appears unstoppable, in that since legislation, against spam in particular, was introduced on both sides of the Atlantic, more spammers and more unsolicited traffic has been the consequence, with 70% of all traffic flowing over the Internet now being garbage, Of course, it will never reach 100% because there’s still room for legitimate email out there but as more end users appear online, such as 100 million new arrivals from the South China coast, the Internet’s storage and our own security is going to have to keep pace.

What encouraged the theft of the AOL list is that spam is big business and Steve Linford points out that ‘Spam Supermarkets’ are now a regular feature of modern cyberspace, where the bad guys go to trade information and addresses. Since the interests of organised crime, virus authors and the spammers started to coincide, most of not all viruses and worms that now reach our filters carry ‘RAT’s, remote access Trojans, that allow a victim’s PC to be taken over by remote control. This leads to 50,000 new zombies appearing each week, which are in turn traded in these supermarkets as potential open proxies for the spammers or as hosts for everything from paedophile images, DDoS attacks (distributed denial of service) to Phishing scams.

Computer crime is now a lucrative business, with very few risks and penalties. The bad guys in question are invariably a mix of leading Boca Raton spammers with their Servers hosted in China and the Russian Mafia, who can’t find ways of spending the money they are making from eCrime fast enough.

Meanwhile, back on the average user desktop, visiting Websites with Internet Explorer is now more dangerous than ever before. The most recent alarm involves a report that organised crime has been hacking into well-established and trusted corporate websites and installing exploit code, which in turn installs RATs and keyloggers into the unsuspecting visitors own PC, leveraging a known vulnerability in Microsoft’s Internet Explorer to create even more compromised PCs and larger ‘Bot nets’.

At what point, I wonder, does society reach a critical mass, a pain point where we concede that 15% or 25% of the earth’s PCs owned by spammers or criminal gangs makes the Internet unviable as a commercial proposition. My own guess, is that in the UK with four million people connected to Broadband, we may have as may as half a million Personal Computers infected at any time, maybe more but hardly less. Who’s in charge of the Internet I wonder and the answer I suspect is the Russian mafia.


Anonymous said…
A good solution to these problems is a mandatory
user-configurable firewall at the ISP level.
Explained here

Popular posts from this blog

Mainframe to Mobile

Not one of us has a clue what the world will look like in five years’ time, yet we are all preparing for that future – As  computing power has become embedded in everything from our cars and our telephones to our financial markets, technological complexity has eclipsed our ability to comprehend it’s bigger picture impact on the shape of tomorrow.

Our intuition has been formed by a set of experiences and ideas about how things worked during a time when changes were incremental and somewhat predictable. In March 1953. there were only 53 kilobytes of high-speed RAM on the entire planet.

Today, more than 80 per cent of the value of FTSE 500* firms is ‘now dark matter’: the intangible secret recipe of success; the physical stuff companies own and their wages bill accounts for less than 20 per cent: a reversal of the pattern that once prevailed in the 1970s. Very soon, Everything at scale in this world will be managed by algorithms and data and there’s a need for effective platforms for ma…

Civilisational Data Mining

It’s a new expression I haven’t heard before. ‘Civilisational data mining.’

Let me start by putting it in some context. Every character, you or I have typed into the Google search engine or Facebook over the last decade, means something, to someone or perhaps ‘something,’ if it’s an algorithm.

In May 2014, journalists revealed that the United States National Security Agency, the NSA, was recording and archiving every single cell-phone conversation that took place in the Bahamas. In the process they managed to transform a significant proportion of a society’s day to day interactions into unstructured data; valuable information which can of course be analysed, correlated and transformed for whatever purpose the intelligence agency deems fit.

And today, I read that a GOP-hired data company in the United States has ‘leaked’ personal information, preferences and voting intentions on… wait for it… 198 million US citizens.

Within another decade or so, the cost of sequencing the human genome …

The Big Steal

I’m not here to predict the future;” quipped the novelist, Ray Bradbury. “I’m here to prevent it.” And the future looks much like one where giant corporations who hold the most data, the fastest servers, and the greatest processing power will drive all economic growth into the second half of the century.

We live in an unprecedented time. This in the sense that nobody knows what the world will look like in twenty years; one where making confident forecasts in the face of new technologies becomes a real challenge. Before this decade is over, business leaders will face regular and complex decisions about protecting their critical information and systems as more of the existing solutions they have relied upon are exposed as inadequate.

The few real certainties we have available surround the uninterrupted march of Moore’s Law - the notion that the number of transistors in the top-of-the-line processors doubles approximately every two years - and the unpredictability of human nature. Exper…