Information Warfare: August 3, 2001

Archives

The Code Red worm has been described as the perfect media software. It doesn't do much damage, although a mutant strain could be pretty deadly, and will stay around for years (until all severs running NT or Windows 2000 are upgraded or patched.) If you're having a slow news day, Code Red will always be there for another scary headline. But Code Red has also done a public service by making more people (especially clueless sysadmins) aware of the importance of keeping server software up to date. Another side effect is a repeat of the call for some fundamental changes in how the internet operates. From the beginning, it was easy for users to hide their identity on the net. No one foresaw the enormous growth, and commercialization, of the internet. So in the beginning, security was not a critical issue. That has obviously changed. Reconfiguring internet software to eliminate the anonymity would be a major task, made more difficult by getting so many people to sign off on it. It has been proposed many time before. This would be a bitch to do considering the "legacy code" that would have to be changed. Making everything traceable It would not be a panacea, though, for there would always be ways around. Making things harder for the blackhats is a good thing, though. 

Another often repeated proposal is to form a special security force for policing the internet. The problem with cybercops is that there is such a (trained, not to mention talented) manpower shortage right now (and in the foreseeable future) that it would be difficult to staff such a force at government pay levels. One solution would be to try and organize and reward the pro bono cybersecurity efforts that have been going on for some time. A lot of talented whitehats just get pissed off and go after bad guys on their own nickel. An example is HoneyNet (the pro bono network of honeypots set up to attract, analyze and document backhat activities and techniques). The government's only hope would be to set up CyberCorps as a separate corporation, find a few really good people to run it, give them a lot of money and turn them loose. CyberCorps could pay market rate for the right people, and still have a close working relationship with government agencies and commercial firms that spend a lot on net security (banks and brokerages, for example.)

Most of the successful criminal activity comes from the victim being careless. Cybercops won't be able to do much about that. But a lot of the malicious mischief on the internet could be eliminated if the Cybercops were good enough to hunt down and successfully prosecute a lot of the blackhat vandals. These guys don't steal as much as disrupt. But to a business that has to pay millions of dollars in additional personnel costs to fix the damage, it's not much different than an outright theft. 

But the freewheeling structure, and atmosphere, of the internet is very popular. It will probably take a more formidable threat than Code Red to motivate any fundamental change in how the internet operates.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close