I've been fighting Internet crime for more than 20 years. In the old days, the daily malware hot sheet was known as the Dirty Dozen -- because it listed only a dozen malware programs. Today we have literally hundreds of millions of malware programs, thousands of professional hacking organizations, and tens of thousands bit players who steal hundreds of millions (if not billions) of dollars via the Internet every year.
Though we have smarter online users, better detection tools, and a host of legal tools at our disposal, Internet crime is worse than ever. It's been a long time since I've run into someone who hasn't had his or her life impacted by Internet crime.
How did we ever let Internet crime get so big? Why do we let Internet criminals get away with so much that it impacts and threatens nearly every transaction we commit over the Internet? Read on:
1. Internet criminals almost never get caught
The world is full of malicious individuals who have no problem skirting rules and laws, as well as taking property that belongs to other people. Bad people exist -- and the Internet is a very low-risk neighborood in which they can run amok.
There are tens of thousands of Internet criminals, almost none of whom get caught or prosecuted. If you're an Internet criminal, you have to be especially brazen for a long time -- and make mistakes -- before you get caught.
You don't have to be a mastermind or uber hacker. One of the most popular misconceptions is that you have to be hyperintelligent to get away with cyber crime. The exact opposite is true. Most Internet criminals I've met (and chatted with online) are not particularly smart. They couldn't program a simple notepad application, and they certainly don't have to be as smart as the average defender.
They simply lack morals, buy programs from other, smarter programmers, and want to roll the dice and take the risk. But they aren't taking any real risk, and that's the central problem: You can get rich without much risk of getting caught. Until this equation changes, we will never see a significant decrease in Internet crime.
2. Indefinite legal jurisdiction
Most Internet crime takes place across international borders. Law enforcement agencies are always limited to jurisdictional boundaries. For instance, a city police officer in Billings, Mont., can't easily arrest someone in Miami, Fla. We have federal law enforcement agencies, which reach across city and state boundaries, but they can't easily traverse international boundaries.
The FBI can't go to China and arrest someone just because they have legal evidence a crime being committed by a person there. They have to submit a request, which will likely be ignored, to Chinese authorities. But let's not pick on the Chinese. It's not like we're going to arrest an American citizen and ship him off to Beijing anytime soon, either, regardless of the evidence.
Sometimes law enforcement agencies of one nation work with another nation's law enforcement, but these occasions are rare. Plus, the really big ones involved with the majority of the Internet crime, like Russia, China, and the United States, certainly don't cooperate with each other.
3. Lack of legal evidence
Another huge impediment to successful convictions is the lack of official, legal evidence. Most courts accept "the best representation" of evidence recorded during the commission of a crime. But most computer systems -- and many networks in totality -- don't collect any evidence at all, much less evidence that might stand a chance of holding up in court. I'm still surprised by the number of computers I investigate that don't, at a minimum, have event logging turned on.
Even if more evidence was collected, most of it wouldn't stand up to a decent lawyer, assuming it would even be allowed in court. Collecting and preparing good legal evidence takes planning and commitment. Few organizations have the dedication or expertise.
4. Lack of resources
Few victims or victim advocacy groups have the resources, technology, or funding to pursue Internet criminals. I know many people who have lost tens of thousands of dollars to fraudulent transactions, including car sales, stock trades, bank transfers, and so on. Unfortunately, the amount lost usually pales compared to the cost of the resources that would be needed to recover the funds.
Many victims are too ashamed of their own gullibility to report the crime. If they do, a report will be taken -- and that's that. Your local enforcement agency isn't about to cross international boundaries to try and to recover your personal money. You can report it to the proper authorities, but rarely will they do anything to recover the damages or prosecute.
5. Cyber crime isn't hurting the economy enough (yet)
Lastly, the amount of Internet crime isn't hurting economies enough to raise a global red alert. Sure, Internet crime probably results in the loss of hundreds of millions -- or perhaps several billion -- dollars each year, but that amount of crime has persisted for a long time, well before the Internet.
Most of today's Internet crimes are newer versions of crimes and scams that have been occurring for decades before the Internet was around. Take credit card fraud: Retail stores would once look up known fraudulent credit card numbers in little paper books that the credit card vendors handed out. Nigerian scams have been around, via paper letters, phone calls, or faxes, at least since the 1990s.
Unfortunately, most Internet crime is seen as a necessary cost of doing business. As long as the majority of transactions are legitimate, the noise will be acceptable.
The solution is right in front of us
I've often wondered what it would take for our world to decide to diminish Internet crime substantially. We've had the means and technology to do so for a long time. We are not waiting for some fantastic new technology. Everything we need we already have, except for global consensus on how to do it and actually enabling the new features.
Personally, I think it's going to take a huge disaster. A digital catastrophe will happen eventually and bring down much of the Internet for a few days -- or shut down financial markets for a few hours or more. Passive acceptance of Internet crime will no longer be tolerated. We'll finally have to do something about it.
Though we have smarter online users, better detection tools, and a host of legal tools at our disposal, Internet crime is worse than ever. It's been a long time since I've run into someone who hasn't had his or her life impacted by Internet crime.
How did we ever let Internet crime get so big? Why do we let Internet criminals get away with so much that it impacts and threatens nearly every transaction we commit over the Internet? Read on:
1. Internet criminals almost never get caught
The world is full of malicious individuals who have no problem skirting rules and laws, as well as taking property that belongs to other people. Bad people exist -- and the Internet is a very low-risk neighborood in which they can run amok.
There are tens of thousands of Internet criminals, almost none of whom get caught or prosecuted. If you're an Internet criminal, you have to be especially brazen for a long time -- and make mistakes -- before you get caught.
You don't have to be a mastermind or uber hacker. One of the most popular misconceptions is that you have to be hyperintelligent to get away with cyber crime. The exact opposite is true. Most Internet criminals I've met (and chatted with online) are not particularly smart. They couldn't program a simple notepad application, and they certainly don't have to be as smart as the average defender.
They simply lack morals, buy programs from other, smarter programmers, and want to roll the dice and take the risk. But they aren't taking any real risk, and that's the central problem: You can get rich without much risk of getting caught. Until this equation changes, we will never see a significant decrease in Internet crime.
2. Indefinite legal jurisdiction
Most Internet crime takes place across international borders. Law enforcement agencies are always limited to jurisdictional boundaries. For instance, a city police officer in Billings, Mont., can't easily arrest someone in Miami, Fla. We have federal law enforcement agencies, which reach across city and state boundaries, but they can't easily traverse international boundaries.
The FBI can't go to China and arrest someone just because they have legal evidence a crime being committed by a person there. They have to submit a request, which will likely be ignored, to Chinese authorities. But let's not pick on the Chinese. It's not like we're going to arrest an American citizen and ship him off to Beijing anytime soon, either, regardless of the evidence.
Sometimes law enforcement agencies of one nation work with another nation's law enforcement, but these occasions are rare. Plus, the really big ones involved with the majority of the Internet crime, like Russia, China, and the United States, certainly don't cooperate with each other.
3. Lack of legal evidence
Another huge impediment to successful convictions is the lack of official, legal evidence. Most courts accept "the best representation" of evidence recorded during the commission of a crime. But most computer systems -- and many networks in totality -- don't collect any evidence at all, much less evidence that might stand a chance of holding up in court. I'm still surprised by the number of computers I investigate that don't, at a minimum, have event logging turned on.
Even if more evidence was collected, most of it wouldn't stand up to a decent lawyer, assuming it would even be allowed in court. Collecting and preparing good legal evidence takes planning and commitment. Few organizations have the dedication or expertise.
4. Lack of resources
Few victims or victim advocacy groups have the resources, technology, or funding to pursue Internet criminals. I know many people who have lost tens of thousands of dollars to fraudulent transactions, including car sales, stock trades, bank transfers, and so on. Unfortunately, the amount lost usually pales compared to the cost of the resources that would be needed to recover the funds.
Many victims are too ashamed of their own gullibility to report the crime. If they do, a report will be taken -- and that's that. Your local enforcement agency isn't about to cross international boundaries to try and to recover your personal money. You can report it to the proper authorities, but rarely will they do anything to recover the damages or prosecute.
5. Cyber crime isn't hurting the economy enough (yet)
Lastly, the amount of Internet crime isn't hurting economies enough to raise a global red alert. Sure, Internet crime probably results in the loss of hundreds of millions -- or perhaps several billion -- dollars each year, but that amount of crime has persisted for a long time, well before the Internet.
Most of today's Internet crimes are newer versions of crimes and scams that have been occurring for decades before the Internet was around. Take credit card fraud: Retail stores would once look up known fraudulent credit card numbers in little paper books that the credit card vendors handed out. Nigerian scams have been around, via paper letters, phone calls, or faxes, at least since the 1990s.
Unfortunately, most Internet crime is seen as a necessary cost of doing business. As long as the majority of transactions are legitimate, the noise will be acceptable.
The solution is right in front of us
I've often wondered what it would take for our world to decide to diminish Internet crime substantially. We've had the means and technology to do so for a long time. We are not waiting for some fantastic new technology. Everything we need we already have, except for global consensus on how to do it and actually enabling the new features.
Personally, I think it's going to take a huge disaster. A digital catastrophe will happen eventually and bring down much of the Internet for a few days -- or shut down financial markets for a few hours or more. Passive acceptance of Internet crime will no longer be tolerated. We'll finally have to do something about it.
No comments:
Post a Comment