Skip to main content

Is it Safe?

“Is it safe?” The famous line from a scene in the film, “Marathon Man” and a question which reflects the dangerously’ joined-up’ nature of world in which we live today.

Next month sees the 6th international ecrime congress in London, an annual event which gives business, finance, government and law enforcement an opportunity to discuss the new threats and challenges presented by the growing influence of serious and organised crime in cyberspace.

And the internet, “Is it safe?” Certainly not and the statistics argue that while in some areas, the risk of crime is being reduced through the introduction of new technical measures and policies, elsewhere and under the extreme pressures of criminal interests, new leaks are appearing in the collective firewall, which may become a flood if not acted upon quickly.

This year, even David Davis, the Conservative, Shadow Home Secretary, will be joining the directors of the FBI, US Secret Service, NATO and the likes of PayPal, Lloyds TSB and Unilever in London to reflect on a shared problem which threatens the world’s most advanced economies.

Over the last twelve months, leading UK banks such as Barclays, have been increasingly successful in reducing online fraud but corporate losses from computer crime have reportedly doubled and the incidence of identity theft among the broader population continues to rise dramatically with criminals increasingly focusing on individuals in cases of financial fraud rather than a business.

As business continues to develop their security counter-measures to deal with the more common, asymmetric, ‘mass-attack vector’, whether this has been a consequence of ‘spamming’, ‘phishing’, ‘Bot-nets’, ‘Denial of Service’ and all manner of other exploits, organized crime groups have been busily refining their activities. This, in turn, has led to the appearance of new tools and techniques to develop ‘Under the Radar’ targeted attacks on individuals and organizations, ‘neither broadly distributed nor unique in nature’ and displaying a much improved use of social engineering tactics.

Identity theft and what is being called, “data indifference”, continues to be a significant and steadily growing problem, whether this lies in the almost regular loss of confidential personal data by large companies and government agencies, such as HMRC or at the more sophisticated end of the spectrum, advanced identity theft from persistent bots and new exploits that seek to compromise home routers.

Compromised ‘Bot’ networks of personal computers continue to make headlines in greater and greater numbers and with increasing sophistication and effectiveness. Last month, in the United States, one hacker pleaded guilty to creating a network of more than 400,000 computers, which included those belonging to the country’s Defense Information Security Agency and in April of 2007, Estonia, the former Soviet Baltic republic was paralysed by an unprecedented online attack from networks in Russia. Estonian MP Silvar Meikar, a member of the country’s defence committee will be describing this attack at the ecrime congress.

Earlier this month, reported that Russia has now passed China to become the largest generator of spyware and malicious code and in terms of the source of criminal exploits. But Russia and China are not the only problem. IBM’s X-Force reports that the United States and Germany were the only two countries consistently among the top three hosting sources for each classification of “unwanted” Internet content monitored throughout 2007 and that the former “Far outpaces other countries as the primary hosting source of adult, socially deviant and criminal content on the Internet.”

The urgent question we need to answer, whether this be at conference, government, business or law-enforcement level, , surrounds the fundamental questions of online safety and data security. In concert with the clear and present danger from international and domestic terrorism, which sucks the funds away from the fight against ecrime, does any effective counter-measure solution exist to challenge the threat from the organised crime interests which are starting to dominate the trade routes of the internet much like the pirates of the Caribbean once did in the past?

Without a doubt, every country requires more resources and an urgent requirement that government treats the problem more seriously than it has in the past but I’m not convinced this will ever happen until the problem , like the Elephant in the living room, becomes too large to ignore.

Pandora’s Box has been opened and no single country is strong enough to close it. As an analogy, it’s really no different to the debate on tighter European immigration and border controls because the internet is as open and porous as the borders of Europe and the legislation is only as strong as the will and resources of the poorest country. And without the cooperation of Russia and China any proposal remains of academic interest only.

So what can we do to fight the threat? Buy shares in information security companies perhaps because business and finance is largely on its own, as is the man in the street. Unless there is a truly joined-up and international initiative to tackle the growing problem of organised crime online, involving significant funding, resources, legislation and most of all will, at every level, we will have to accept that millions of people and businesses will be robbed and duped and conned as an integral benefit of the internet’s total cost of ownership. After all, if the FBI only has a team of 100 officers tasked to deal with all cyber crime offences and Interpol has perhaps only three in EMEA, the level of priority and the scale of the challenge now facing our joined-up and interdependent economies becomes depressingly clear.

Popular posts from this blog

Civilisational Data Mining

It’s a new expression I haven’t heard before. ‘Civilisational data mining.’

Let me start by putting it in some context. Every character, you or I have typed into the Google search engine or Facebook over the last decade, means something, to someone or perhaps ‘something,’ if it’s an algorithm.

In May 2014, journalists revealed that the United States National Security Agency, the NSA, was recording and archiving every single cell-phone conversation that took place in the Bahamas. In the process they managed to transform a significant proportion of a society’s day to day interactions into unstructured data; valuable information which can of course be analysed, correlated and transformed for whatever purpose the intelligence agency deems fit.

And today, I read that a GOP-hired data company in the United States has ‘leaked’ personal information, preferences and voting intentions on… wait for it… 198 million US citizens.

Within another decade or so, the cost of sequencing the human genome …

The Nature of Nurture?

Recently, I found myself in a fascinating four-way Twitter exchange, with Professor Adam Rutherford and two other science-minded friends The subject, frequently regarded as a delicate one, genetics and whether there could exist an unknown but contributory genetic factor(s) or influences in determining what we broadly understand or misunderstand as human intelligence.

I won’t discuss this subject in any great detail here, being completely unqualified to do so, but I’ll point you at the document we were discussing, and Rutherford’s excellent new book, ‘A Brief History of Everyone.”

What had sparked my own interest was the story of my own grandfather, Edmond Greville; unless you are an expert on the history of French cinema, you are unlikely to have ever hear of him but he still enjoys an almost cult-like following for his work, half a century after his death.

I've been enjoying the series "Genius" on National Geographic about the life of Albert Einstein. The four of us ha…
The Mandate of Heaven

eGov Monitor Version

“Parliament”, said my distinguished friend “has always leaked like a sieve”.

I’m researching the thorny issue of ‘Confidence in Public Sector Computing’ and we were discussing the dangers presented by the Internet. In his opinion, information security is an oxymoron, which has no place being discussed in a Parliament built upon the uninterrupted flow of information of every kind, from the politically sensitive to the most salacious and mundane.

With the threat of war hanging over us, I asked if MPs should be more aware of the risks that surround this new communications medium? More importantly, shouldn’t the same policies and precautions that any business might use to protect itself and its staff, be available to MPs?

What concerns me is that my well-respected friend mostly considers security in terms of guns, gates and guards. He now uses the Internet almost as much as he uses the telephone and the Fax machine and yet the growing collective t…