Cyber crime: be afraid, be very afraid
Full disclosure up front: Joe Menn, the author of "Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet" and a tech reporter for the Financial Times, is a friend and former colleague of mine here at The Times. Nevertheless, I think even an unbiased observer would say that "Fatal System Error" is a compelling read, despite the fact that it's nonfiction (or maybe because it's nonfiction). It's also a very frightening book.
By retracing the steps taken by two men who were trying to fend off cyber criminals who went from attacking websites to stealing identities, Menn's tome reveals the enormous challenge facing civil society in preserving not just online commerce but entire financial systems. In a nutshell, it's the same problem we confront in trying to clamp down on opium production and nuclear proliferation: There are governments around the world that not only protect hackers but have a strategic interest in the damage they can inflict.
Menn, who will be speaking Tuesday night at a Zócalo Public Square event in downtown Los Angeles, said in an interview Tuesday afternoon that the capabilities of mercenary hackers are expanding, in some areas (namely, China) with the government's help. The same equipment, the same people and sometimes even the same software can be deployed to wage a cyber attack on a country as on a financial institution, he said. And while the federal government looks out for dot-mil and dot-gov sites, no one is responsible for safeguarding the dot-com infrastructure.
The hackers who attacked Google (evidently from China) last year have prompted more people in government to take an interest in the broader cyber-crime threat, Menn said. But the issue has morphed from a straightforward tech or law enforcement problem into a foreign policy challenge. As his book illustrates, officials around the world have to work together to stop far-flung but organized cyber-criminal groups. And when major world powers (read: Russia, China) don't feel like joining in, the good guys can't get very far.
Hackers have stolen so much personal financial data, Menn said, "you can no longer assume that as long as you're computer's not acting weird, you're OK." Maybe half of all Internet users haven't been victimized, "but there's no way to tell whether you're one of those people or not."
There is hope on the horizon. Because of the higher interest level among policymakers, there's a chance to put more safeguards in place. Menn, though, contended that the basic protocol for exchanging information on the Net -- TCP/IP -- needs to be replaced for commercial uses with something far more secure. "It seems to me we're getting fairly close to too late now," he added.
Provocatively titled "Will the Internet Collapse?" Menn's Zócalo talk Tuesday is scheduled to start at 7:30 p.m. at the National Center for the Preservation of Democracy on Central Avenue.
Credit: Li Xin / AFP/Getty Images
-- Jon Healey
It's just a matter of time the internet crooks are going to convince all of us that the invention of the internet for the public was a bad idea inspite all of its benefits. Maybe the internet should have been created for companies with business license to communicate with each other and not for comsumer usage.
Posted by: Mack The Knife | April 28, 2010 at 07:24 AM
As many people have pointed out, the Wall Street Suits have stolen more, vastly, incomprehensibly more, from the American people than any cyber criminal or street punk could ever hope to steal (at least, so far). Why are they not at the top of everyone's most wanted list?
Posted by: Terrils | April 28, 2010 at 08:26 AM
I just got hacked a couple of weeks ago, someone sent me a link for a greeting card for my birthday which actually downloaded an irc program that started to send data out. Luckily I caught it in about 20 minutes, and cleaned my computer. The hacker was from Guangdong China. Those guys are getting really dangerous
Posted by: aa | April 28, 2010 at 09:38 AM
Very disappointing lecture and the book is not much better. Save your money, don't buy the book, not much useful information in it.
Posted by: SW | April 28, 2010 at 10:59 AM
Quote: "And when major world powers (read: Russia, China) don't feel like joining in, the good guys can't get very far."
Nothing can continue to exist for long in those totalitarian states without the tolerance or tacit approval by those in power - not organized crime and certainly, not cyber-criminals. They may make some noises and do pro-forma arrests here and there, but hackers attacking vulnerable .com infrastructures are obviously part of their cyber-warfare arsenal. We're just looking at the testing phase here, these attacks will continue and will increase in intensity in the years to come. Indeed, "be very afraid."
Posted by: Ed at LAX Parking | April 30, 2010 at 08:04 AM