August 28, 2009

We're losing the war on cybercrime

While we chase after two-bit malicious hackers, cybercrime syndicates remain untouchable

You may have read the reports: We have captured Albert Gonzalez, one of the "world's biggest malicious hackers." Big deal.

I've been fighting cybercrime for more than 20 years, so you'll have to excuse me if I'm a little jaded for thinking that this "huge" hacker is but another small-time player in the big-time world of cybercrime. In fact, I'm pretty sure that we still haven't captured a single major player -- the Pablo Escobars.

We know there are large, corporate crimeware gangs that steal tens (if not hundreds) of millions of dollars from unsuspecting Internet victims each year. They have corporate headquarters that would fit the mold of the Fortune 1000. They have extensive payrolls, pay millions in taxes, and enjoy business growth that would be the envy of Wall Street. Yet we haven't prosecuted a single person from any of these big online cybercrime syndicates, and I have no reason to believe that will change over the next few years. We are getting better at prosecuting cybercriminals in countries such as the United States, but these large organizations are based in other countries, protected by those nations' political leaders.

Professional organized cybercrime started with the "king of spam" corporate giants in the late 1990s. These organizations often made millions under the guise of legitimate Internet marketing while sending billions of illegal e-mails. Many of the owners became and remained rich. They bought large houses and outrageous cars, got new beautiful wives, and sent their kids to expensive private schools. Heck, spammers aren't even considered in the top 200 spammers unless they are sending out hundreds of millions of illegal e-mails per day.

quadibloc 28-Aug-09 6:44am
Given that we haven't been able to evict Russia from parts of Georgia, I'm not sure how we can be expected to deal with criminal activity that is protected by the Russian government. If Medvedev and Putin are voted out, things might change. Otherwise, since natural gas revenues seem to have allowed Russia to rebuild its nuclear arms, it would seem the prospects for an attempt at regime change in Russia are dim.
Rob Lewis 28-Aug-09 8:38am

Definitely true, but sad. I love that you call them the way things are.

These crime syndicates are probably having a good laugh as they read this and they will keep laughing as long as the industry resorts to the sorry, broken-down security model in use today. That's another sad truth.

Location doesn't matter much. If it wasn't Russia, it would be somewhere else.

MAS 28-Aug-09 11:47am
It's not just cybercrime that we are losing the war on.
Crime syndicates of all sorts (including cybercrime) are running roughshod over everything.
Carl Street 29-Aug-09 2:08am
3 replies

Well Mr. Grimes, wake up and smell the reality.

What is truly amazing to me is that you, who purport to be a trained security professional are unaware that as far back as the days of the Pharaohs of Ancient Egypt the story of security enforcement has been an uninterrupted saga detailing the failure of "security services" who out of cowardice, corruption, and/or cozying up to power have invariably focused their efforts on the politically emasculated and petty criminals while studiously avoiding any confrontation with the real large scale criminals who might pose a career threat.

Perhaps you personally are NOT corrupt -- one can only hope -- but are a victim of an education system that no longer teaches history; other than the politically correct version, of course.

The unvarnished truth is that “security services” are largely worse than useless against any real threat because they will be either deliberately blind to such activities and/or active participants and perpetrators. While they generally make a great show of stopping small threats; they are largely rubber crutches at best when any real threat appears.

jspurr01 29-Aug-09 5:15am
1 reply
Nothing Mr Grimes says suggests that he is "unaware" of the sad history of security forces vs the criminal forces. He is actually documenting the current situation for the unaware masses. Your hyper-cynical, accusatory commentary unfairly besmirches Mr. Grimes and inappropriately broad-brushes security professionals at large.
Carl Street 29-Aug-09 2:37pm
Blaming the messenger is a popular ad hominem attack that will no doubt play well with the pseudo-moral security class; however, it does NOTHING to change the reality. Your apology is accepted.
Roger A. Grimes 31-Aug-09 6:05am
Carl, What a strange reply. In your long diatribe you share one good point...that organized crime has been around for a long time. I am a happy student of history. While I don't know all history, I am certainly well aware that organized crime has been a part of life at least since the days of recorded history, if not before. The Christian Bible has relevant stories from thousands of years ago. But as smart as you are trying to appear to be you then trivialize the well meaning people on the side of good. You lump all the good people in with the bad people, claiming cowardice, corruption, etc., rule even the good people. You don't leave any room for all the good people that fight the good fight, and aren't corrupt, scared, or any of those other things. Fighting crime, any crime, is a complex undertaking, especially where scarce resources are involved and where the good guys have to follow societal rules so they don't become as bad as the bad guys they fight. I'm glad you only kinda accuse me of being corrupt. If anyone is making an ad hominem argument it is you. I'd add that in your short posting you also make the mistakes of false continuum and false dichotomy, if not even more.
nigebj 4-Sep-09 9:44am
Perhaps Mr Grimes assumed his average, educated reader was all too well aware of the failing of "security services" over time and was simply trying to make the point that despite the hype, nothing has changed. Maybe his ego didn't lead him to need to treat his audience as uneducated morons - which is possibly why he is a columnist and not simply a troll.
bz8x8c 29-Aug-09 8:27am
None of this will change until cybercrime becomes a topic of discussion among our world leaders. It's high time this issue was raised in the world forums in which we have to work. If the US and other developed countries severed the Internet link with problem countries such as China and Russia, they would take notice when it starts to hit the pocketbooks of legitimate business entities. Trade is now largely Internet based, so Internet embargoes against countries that allow cybercrime would make a difference, if anyone has the guts to take such measures. Even if they don't, the immediate impact would be an improvement in cyber-security.
shadoweyez 30-Aug-09 12:30pm
First post on this forum... Excellent article on the larger cybercrime issue. bz8x8c said "If the US and other developed countries severed the Internet link with problem countries such as China and Russia, they would take notice when it starts to hit the pocketbooks of legitimate business entities." Maybe instead of cutting the cord with China or Russia, we should start "whitelisting" the cord. Everything not allowed, people/business that need to communicate get approval through some (VERY lightly regulated) gov't or private business-alliance type body first. While I realize this is against the core internet and "net neutrality" we may be at the point that this extra cost is less than the cost of fighting the never ending flood of spam/malware. I support the net neutrality concept, but on a practical level this could work out from a cost-benefit standpoint. The thorny issue then is who would regulate this whitelist, and under what criteria. This would at least shift the issue into a different and possibly more easily understood realm for the general public and lawmakers who seem to be behind on making effective rules relating to technology.
rcprimak 31-Aug-09 1:38pm
Cutting the cord with Russia and China is the LAST thing we should do! It is only when Chinese and Russian citizens can communicate with USA and EU citizens, that the corruption of the governments of China and Russia can be effectively fought from within those countries. Case in point -- Iran. Just think what might have happened over there if Western governments had branded Iran a Terrorist State and banned all Internet (and Twitter) communications between US and THEM. Sometimes contacts with us are the best way of fighting the cultures of corruption which have been protecting the international cybercrime syndicates. Keep the Internet open for such communications!
Apple 17-Sep-09 11:09pm
War is something that sounds not good to me. At some point in time, we have heard the phrase "Si vis pacem, para bellum." Some people get confused, as most schools don't cover a lot of things Latin (we don't mean salsa dancing – we mean swords, sandals, Ides of March and Julius Caesar Latin) but that being said, what Si Vis Pacem, Para Bellum literally means is "If for peace, for war." It's a paraphrasing of a military philosopher from the late 4th century, Publius Flavius Vegetius Renatus, from his work De Re Militari. (Literally, On Military Matters, a book that was a cornerstone of European military thought and tactics for centuries.) It means that if some one desires to keep peace, then they had better get a cash advance and be prepared to defend it – Si Vis Pacem Para Bellum.

©1994-2009 Infoworld, Inc.