Thursday, May 18, 2006

DIGILIFE | Cyber-blackmail on the rise

Blackmail SCHEMES are starting to be reported in Europe and US, by which hackers steal personal or corporate information then blackmail their victims into paying money to prevent them from spreading it or using it.

It is frightening when you consider the implications of such actions on a world that puts every bit of its information on computer networks.

Governments, financial institutions, the military, intelligence services and many organizations hold information and records that cannot and should not be compromised; but might be without proper network security, or through a determined and skillful penetration attempt.

And that seems to be the main problem today, skill coupled with determination.

Apparently, security specialists are being challenged everyday, with breaches. Systems thought to be secure turn out to have loop-holes and vulnerabilities.

The situation now has reached a stage where every security system is presumed vulnerable, awaiting a hacker smart enough to breach it. The trick nowadays is to hire these hackers to find the loop-holes for you, so you can close them!

Back to some of the blackmail stories being reported in the media, a Moscow-based crime organization spread a virus across the Russian banking system a few months ago, which would encrypt data or corrupt the system information, the require a ransom to be paid to de-crypt or fix the problem.

The demands reported varied from $50, in some cases, to as much $2,500 in others.

This marks a shift from the typical virus attacks, which brought little benefit to virus writers other than destroying target organizations or networks.

Coordinated attacks for profit, using malicious software such as viruses, spyware and adware, has become common nowadays and has grown exponentially in the past four to five years.

Police and investigation agencies need to step into this domain more aggressively, but one of the main problems is the multi-country nature of these attacks and sorting out the jurisdiction issues.

If an attack originates in Russia for example, how can a Western European investigations bureau get in there without cooperating with a local authority; who’s serious about cyber-crime or has time to worry about it with every other type of real-life crime rampant! Not every country views digital crime in the same way, thereby safe-havens for these criminals.

Another dangerous development is that criminals cooperate and create groupings to implement these schemes. Virus writing groups infect networks, turning them into zombie-style servants; then rent out a service to carry out attacks or steal information through these networks for crime organizations, who then blackmail the victims or sell and pass on the information to other crime organizations or simply to corrupt business people who had hired them to hire the virus writers to begin with!

Confusing, isn’t it? Imagine how police and authorities feel about it. They better start planning ways to counter it.

(published in The Star newspaper)


Post a Comment

Subscribe to Post Comments [Atom]

<< Home