Radical Instrument

IT is changing the exercise of power. Radical Instrument is picking up the signals.

Posts Tagged ‘cybercrime

China and the “gray zone” of cybersecurity

leave a comment »

Via Computerworld and other sources:  China has announced the shutdown of what the BBC says “is believed to be the country’s biggest training website for hackers,” Black Hawk Safety Net, resulting in the arrests of three.  The WSJ confirms the arrests actually occurred in November, leading to speculation that this may be an attempt to ward off negative press from its recent flap with Google.

Whether or not that’s true, the shutdown of this site does signal that China is having to navigate a difficult balance with cybersecurity issues as Internet use grows. On the one hand, the growth of nationalist hacker groups has afforded the government the advantage of plausible deniability for activities ranging from campaigns against Tibetan exiles to sophisticated penetration attempts of U.S. government and industry databases. On the other hand, the sheer volume of trained hackers (or untrained, armed with a few easy-to-use tools) combined with a growing e-commerce market makes for … a fertile (if illicit) opportunity, sized at $1B in 2008 and fuel for a $35M “hacker training” industry.

Written by Mark

February 8, 2010 at 9:57 pm

School of Hack (Chinese version)

with one comment

Courtesy of Fergie’s Tech Blog:  this report on the $34.8M “hacker training” industry in China, derived from this China Daily story. The China Daily piece also cites $1B in losses in China in 2008 due to cybercrime, attributed to theft from personal accounts.

Not really convinced that you would get a lot out of course that runs maybe $30 … maybe access to a few tools that can be clumsily deployed, absent any other skills. The math is interesting – at the thirty-dollar rate, $34.8M buys you over a million “courses.” Assume for a moment that the courses are in Chinese (could be wrong there)…with a total combined Internet user population in China and Taiwan of ~300M, and assuming one course = one user, that’s not a bad rate of penetration. It’s a rate roughly equivalent to Amazon’s share of the U.S. retail market.

I previously referenced this Bloggingheads discussion between Evgeny Morozov and Ethan Zuckerman on cyberwar. Listen about midway through or check out Evgeny’s previous Slate article for a description of how a non-expert can get access to the right tools fairly easily.

Written by Mark

August 5, 2009 at 10:11 pm

Where Internet attacks come from

leave a comment »

On the eve of a possible “D-Day” for the Conficker worm, there’s new data out from Akamai underlining the point that not all Internet attack traffic originates in Russia or China, despite articles about “GhostNet” and the like. For Q4 2008, Akamai’s data suggest the top originating country for attack traffic was the U.S. (23% of traffic), with China a few percentage points behind (19%). Akamai does note that this represents a shift from previous quarters in 2008, in which the U.S. played second to China or Japan.

What Akamai’s study offers is some perspective and perhaps a question. The figures merely point out that Internet attack traffic is not so much a function of any national characteristic except Internet penetration. To be fair, the study doesn’t show where the constitution of attack traffic may vary across countries – which attacks have tacit state support and which are merely criminal. But that in and of itself raises the question as to whether the greater threat to any single country’s Internet infrastructure, over time, is from other countries (i.e., the “digital Pearl Harbor” scenario) or from the sheer volume of always-active cybercrime. It’s a decent bet to suggest that the recession will give more impetus to the latter.

Written by Mark

March 31, 2009 at 10:46 pm

Posted in Technology

Tagged with , ,

New thievery and old rivalries in cyberspace

leave a comment »

This year’s Davos is like a bad family reunion: Vladimir Putin told off Michael Dell, Turkish Prime Minister Erdogan says he’s never coming back, and McAfee, Inc., brought the news that malware increased 400% in 2008 – resulting in an average intellectual property loss of $4.6 million per company, for a reported global loss of $1 trillion.

The most interesting finding from the survey behind McAfee’s data:  “Geopolitical perceptions have become a reality in information security policies.” Respondents – drawn from across the globe – cited China, Pakistan, and Russia as having the highest “threat levels” to “digital assets,” but the report perceptively notes that:

Perceptions among respondents may be rooted in both historical conflicts and modern economic, cultural and political differences. Responses can be sorted according to long-time tensions between China and Japan, India and Pakistan, the U.S. and Russia, the U.K. and Russia, as well as more modern conflict between China and Taiwan and China and the U.S. … For example, when asked to rate the threat level of various countries, 47 percent of Chinese respondents chose the U.S., followed by Taiwan (41 percent). Japanese respondents chose China (57 percent) followed by Russia (44 percent). Indian respondents overwhelmingly chose Pakistan (61 percent) as having the highest threat level. U.S.-based respondents chose China (62 percent) followed by Russia (59 percent). U.K.-based respondents selected Russia (74 percent) followed by Pakistan (68 percent) and China (66 percent).”

The data add to the argument that nationalism is prevailing over globalism in cyberspace, a trend likely to continue with recession and regulation. Absent a change in mood at Davos, the report’s call for an international cybersecurity convention seems like it’ll go unanswered in 2009.  One might expect what happens on the Internet – the exchange of information – to follow what happens in trade. Less of it, justified in nationalist terms and enforced by the technical equivalents of protectionism.

You can find the full McAfee report here (registration required).

Written by Mark

January 29, 2009 at 10:37 pm

Joining the 2009 prediction racket

with 4 comments

Forecasting has taken a beating in 2008, from the hard landing crash of the economy to the Iowa and New Hampshire primaries, from the odds of seeing snow in Las Vegas this winter to the chances given to the NY Giants against the Patriots in Superbowl XLII. 

And yet we continue. In the spirit of tradition (if not science and probability), here are my top five calls on for where (and how) ICT will (and won’t) affect international affairs in 2009

1. Global economic conditions tilt the balance towards greater Internet regulation… Watch for nationalist-protectionist tendencies to surface in cyberspace as much as they will in the world of physical trade, assuming the recession extends until mid-2009 or longer. Expect commentators to blur their depictions of “unregulated finance” and “unregulated cyberspace,” and for politicians to justify Internet regulation as a means to “safeguard the economy,” whether by preventing cyber-crime or otherwise. 

2. …and prolong the “digital divide” in the developing world.  The capital drought has already halted or delayed major investments in the developed world. Watch for a similar, if not amplified, effect on ICT projects – charitable or otherwise – in BRIC countries, and definitely the Third World. Cell phones will remain a key network technology in the Third World – but without additional investment, will existing networks be able to handle increased capacity?

3.  Cybercrime gets worse.  The recession presents two key conditions for fraud and exploitation:  (a) significant dislocation in the corporate environment, presenting opportunities for the leakage of sensitive information, and (b) heightened psychological insecurity, increasing the size of the “target audience” for exploitation. Add in year-over-year improvements in criminals’ technical savvy, and 2008 looks to be a year to batten down the security hatches. For a good read, see McAfee’s annual cybercrime report.

4.  The next “Internet election” might be in Iran.  Expect a lot of attention to be paid to Iran’s 2009 presidential election, slated for June. There’s an interesting question as to whether Iran’s filtering mechanisms, which block access to five million websites, will be able to contain both (a) criticism of current President Ahmadinejad from political rivals and (b) both a web-savvy populace’s desire for information and the desire of external parties (e.g., exile groups) to provide it. OpenNet Initiative has an article from November (original source:  ynetnews.com) noting the passage of a draconian “computer crimes” bill earlier this year. Seems like the regime might lack some confidence in its firewall.

5.  Cloud computing will raise new questions about regulation, privacy, and security.  If there’s any technology in the hype cycle right now, it’s cloud computing (see this earlier post for more background). If – and this is a big if – we’re on a path towards the concentration of processing and storage in a limited number of massive data centers, servicing hundreds (or thousands, or…) of customers, there’s going to be a showdown with some questions that have yet to see satisfactory resolution. Such as:  will there be political acceptance of warrantless surveillance (not to mention government data-mining) once data is concentrated? Will government cybersecurity efforts concentrate on fortifying “clouds” as critical infrastructure, and leave the rest of the Internet wild? What responsibilities do Internet giants have towards governments for the data that runs through them? The answer’s going to have to be a little more precise than Google’s “Don’t be evil.” 2009 won’t be the year these questions get answered, but I’m betting that we’re going to start hearing (and listening to) them more.

Written by Mark

December 24, 2008 at 1:22 am