June 1, 2005 10:45 PM PDT
Panel paints grim picture of cybercrime battle
In a discussion before a group of Silicon Valley businesspeople, a panel including representatives from Cisco Systems, Microsoft and the U.S. Department of Homeland Security discussed recent changes in cybercrime and what can be done to fight it. The event was organized by the Churchill Club.
A grim picture was painted of reality. Hackers were once perceived to be teenagers testing computer security for fun. But over the past 18 months or so, criminals, spammers and the teens who know how to hack have joined forces in online crime rings, said Marcus Sachs, deputy director of Homeland Security's Cyber Security R&D Center.
"It is a business. There is prosperity...and unfortunately the public is not well protected," Sachs said. Cybercriminals engage in activities such as selling access to networks of hacked PCs to send spam or launch attacks, or selling details of new security vulnerabilities so systems can be compromised, he said.
There will always be people who are up to no good, said Scott Charney, a vice president at Microsoft who heads up the company's Trustworthy Computing Initiative. "The key thing to remember, the Internet is a phenomenal medium for committing crimes. It is global, anonymous and untraceable."
Standing up to cybercrime is a shared responsibility of users, vendors and the government, the panelists said. For consumers, it is about awareness, said Brad Boston, chief information officer at Cisco. Everyone needs to care about and understand their responsibilities when it comes to using technology, he said.
While organizations have trained professionals such as CIOs to care about training their users, general consumers don't, noted Microsoft's Charney. Internet service providers should step in to fill that gap, he suggested.
"Users can not completely abdicate security...The access providers have to help with protection and quarantine and diminish consumer responsibility to a point that they can handle," Charney said. "We are not quite there yet."
Microsoft is doing its bit by strengthening the security of the Windows operating system, Charney said. The company is also readying an antivirus, antispyware and firewall product called Windows OneCare, a test version of which is due out later this year.
Sachs stressed that technical tools such as antivirus and firewall software are not enough to protect users. Education on using the Internet and identifying threats are also part of the solution, he said.
Then again, the attacks keep getting smarter. Attackers are now hosting their own DNS, or Domain Name System, servers to route victims to fraudulent Web sites. These DNS servers continuously appear in different places on the Net, Sachs said. The different locations would make it harder to shut down the servers.
"It is one of these emerging threats and we don't quite know how to stop it," Sachs said.
Additionally, Sachs' researchers have found malicious code--apparently created to trick security experts--that acts differently when run on a virtual machine versus an actual PC. Researchers often use virtual machines, or virtual instances of a PC, to test what malicious code does without actually harming their systems.
2 commentsJoin the conversation! Add your comment