Cybercrime

Blogs

The Economics of Magic

Arthur C. Clarke said any sufficiently advanced technology is indistinguishable from magic. Milton Friedman said there's no such thing as a free lunch. The validity of the former statement does not invalidate the later. From this we can see that even magic has a price. Hence, its application is subject to cost-benefit analysis. There are many developing technologies that may eventually qualify as magic. more»

The Internet of Stupid Things

In those circles where Internet prognostications abound and policy makers flock to hear grand visions of the future, we often hear about the boundless future represented by "The Internet of Things". This phrase encompasses some decades of the computing industry's transition from computers as esoteric piece of engineering affordable only by nations, to mainframes, desktops, laptops, handhelds, and now wrist computers. Where next? more»

Asking a Better Question to Uncloak the Online Copyright Debate

The proverbial Pandora's box that is opened whenever the topic of online copyright infringement is raised throws into sharp relief a host of challenges that have confounded policy makers, internet service providers and consumers for many years. Chief amongst them is how to strike an appropriate balance between protecting the rights of content owners while continuing to promote the interests of the public and preserving the benefits of the internet, given its unprecedented ability to facilitate the rapid dissemination of copyrighted content. more»

Internet Security Marketing: Buyer Beware

As security breaches increasingly make headlines, thousands of Internet security companies are chasing tens of billions of dollars in potential revenue. While we, the authors, are employees of Internet security companies and are happy for the opportunity to sell more products and services, we are alarmed at the kind of subversive untruths that vendor "spin doctors" are using to draw well-intentioned customers to their doors. Constructive criticism is sometimes necessarily harsh, and some might find the following just that, harsh. But we think it's important that organizations take a "buyers beware" approach to securing their business. more»

Is Upping the Minimum Wage Good for the Information Security Industry?

The movement for upping the minimum wage in the US is gathering momentum. Protests and placard waving are on the increase, and the quest for $15 per hour is well underway. There are plenty of arguments as to why such a hike in minimum wage is necessary, and what the consequences could be to those businesses dependent upon the cheapest hourly labor. But, for the information security industry, upping the minimum wage will likely yield only good news. more»

Starting a New Conversation on Cybersecurity

The cybersecurity debate can be highly confusing at times. There is perhaps an analogy to be made between "Cybersecurity" and "The Economy". We all want to fix the economy but making progress is not an easy task. As soon as you are beyond that statement you notice that there is a lot of nuance. Issues like trust, influence, actors, and affectivity all come to play when you want to fix the Economy. The cybersecurity discourse has similar features. more»

Deadline of April 10 to Apply For CARIS Workshop on Coordinating Response to Internet Attacks

You have just a couple of days to either complete a survey or submit a paper to join the "Coordinating Attack Response at Internet Scale (CARIS)" Workshop happening on June 19, 2015, in Berlin, Germany... If you are interested in helping improve the overall security and resilience of the Internet through increased communication between the groups responding to the large-scale attacks happening on the Internet every day, I would strongly encourage you to apply! more»

Coordinating Attack Response at Internet Scale

How do we help coordinate responses to attacks against Internet infrastructure and users? Internet technology has to scale or it won't survive for long as the network of networks grows ever larger. But it's not just the technology, it's also the people, processes and organisations involved in developing, operating and evolving the Internet that need ways to scale up to the challenges that a growing global network can create. more»

A Cynic's View of 2015 Security Predictions - Part 4

Lastly, and certainly not the least, part four of my security predictions takes a deeper dive into mobile threats and what companies and consumer can do to protect themselves. If there is one particular threat category that has been repeatedly singled out for the next great wave of threats, it has to be the mobile platform -- in particular, smartphones... The general consensus of prediction was that we're (once again) on the cusp of a pandemic threat. more»

Mega Hacks and the Employees That Lost

When a business gets hacked and its corporate information is dumped on the Internet for all and sundry to see (albeit illegally), the effects of that breach are obviously devastating for all concerned. In many ways it's like the day after a fierce storm has driven a super-cargo container ship aground and beachcombers from far and wide have descended upon the ruptured carcass of metal to cart away anything they think has value or can be sold by the side of road. more»

If It Doesn't Exist, It Can't Be Abused

A number of outlets have reported that the U.S. Post Service was hacked, apparently by the Chinese government. The big question, of course, is why. It probably isn't for ordinary criminal reasons: The intrusion was carried out by "a sophisticated actor that appears not to be interested in identity theft or credit card fraud," USPS spokesman David Partenheimer said. ... But no customer credit card information from post offices or online purchases at usps.com was breached, they said. more»

Stopping Illegal Activity Online - It's More Complicated Than It Seems

There was a compelling article in the Wall Street Journal (WSJ) the other day about ICANN and illegal online pharmacies. The result of a six-month investigation, the reporter, Jeff Elder, calls into question ICANN's effectiveness in investigating complaints of suspected illegal activity on domain names it has a contractual relationship with. Elder cites a recent incident where Interpol and the U.S. Food and Drug Administration tried to have 1,300 websites shut down because they were suspected of selling drugs without a prescription. more»

.trust Technical Policy Launch

Whenever I examine the technical elements of the various Internet security certifications and standards that organisations are clamouring to achieve compliance against, I can't help but feel that in too many cases those businesses are prioritising the wrong things and wasting valuable resources. They may as well be following a WWI field guide on how to keep cavalry horses nourished and bayonets polished in a world of stealth aircraft and dirty bombs. more»

Where Is Cyberspace?

In my first CircleID post, I compared the cyberspace to a farmland, which has to be cultivated and developed. I ended by asking: Where is cyberspace? I have asked this same question from many people, many of whom are internet experts. They all said the cyberspace is in the computers, networks, or servers, or the Internet itself. I agree with these cyberspace ideas. In addition, my opinion is a bit different. more»

Cigarette Smuggling and Cyber Security: Low-Tech Crimes Fund High-Tech Threats

You may not connect the cheap cigarettes sold under the counter (or out of a trunk, bodega or by a street vendor) with the mysterious charges on your credit card that you don't remember making or the cash that has, somehow, just disappeared from your bank account. You also may not connect that website selling cheap cigarettes made in second and third world countries with Shellshock or whatever the fashionably scary cyber-threat of the day is when you're reading this. more»

News Briefs

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

European Data Breaches Have Resulted in Loss of 645 Million Records Since 2004

Former DHS Chief Teaming Up With Insurance Giant Lloyd's of London to Sell Cyber Insurance

Paul Vixie on How the Openness of the Internet Is Poisoning Us

Secure Domain Foundation Launched to Help Internet Infrastructure Operators Fight Cybercrime

DDoS Awareness Day - Oct 23, Register Today for Live Virtual Event

Close to a Quarter of ZeroAccess Botnet Disabled, Reports Symantec

Arrest Made in Connection to Spamhaus DDoS Case

China and the United States Agree on Forming Joint Cybersecurity Working Group

ICANN Releases Guideline for Coordinated Vulnerability Disclosure Reporting

Obama Signs Cybersecurity Executive Order

M3AAWG, London Action Plan Release Best Practices to Address Online and Mobile Threats

The Tale of Thousands of Hacked Modems in Brazil, Affecting Millions

Cyber and Telecommunications Defence One of the Fastest Growing Industries in the World

Eugene Kaspersky: World Needs International Agreements On Cyber-Weapons

DNSChanger Disruption Inevitable, ISPs Urged to Bolster User Support

Microsoft and Financial Services Groups Disrupt Zeus Botnet Servers

FCC Releases New U.S. Anti-Bot Code

NATO Announces 58 Million Euro Investment in Cyber Defence

Study Links Half of "Rogue" Online Pharmacies to Two Domain Name Registrars

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

Industry Updates

Participants – Random Selection