Is The Whole Internet Still In Beta?

Folks, below is an article written by the editor of WServerNews.com. I regret posting it in its entirety, and I hope the author will pardon me, but I cannot find a direct link.. and I think you, Dear Reader, should get a glimpse of what the experts say to each other.

>  Editor’s Corner

Is The Whole Internet Is Still In Beta?
I just finished reading a book last weekend called: ‘Fatal System Error’, by Joseph Menn. He’s a journalist who covers cybersecurity for the Financial Times after a decade on the same beat at the Los Angeles Times. The tag-line of the book is: ‘The hunt for the new crime lords who are bringing down the Internet’. Definitely interesting reading, as it goes into the MO of the gangs in Eastern Europe and also the fact that those governments are not really interested in doing something about it. On the contrary, they are now and then using these gangs for DDoS attacks, e.g. Georgia recently. Three interesting points he made in the book were:

1. More education is required. People who won’t let their lawns go uncut out of respect for the neighbors need to realize that turning on a PC without a strong firewall and without an OS and antivirus that each update automatically is like leaving a loaded shotgun on the front porch for passersby. It almost guarantees their computers will be compromised and used for nefarious activities.
2. One expert mentions: “It’s incredibly disturbing, the engine of the world economy is based on this really cool experiment that is not designed for security, it’s designed for fault-tolerance. You can reduce your risks, but the naughty truth is that the Net is just not a secure place for business or society“.
3. And then the thing that really got my interest, Vincent Cerf, who was the co-author of the core Internet protocols, said: “My thought at the time, thirty-five years ago, was not to build an ultra-secure system, because I could not tell if even the basic ideas would work.” And here comes the kicker: “We never got to do the production engineering”. With that he means the version ready for prime time. So there you have it; Internet Protocol is really still in Beta. And most experts agree it’s broken. You -really- need to take all measures necessary to make sure your organization is safe on the Internet.

Cybercriminals have found a new, rich hunting ground: small businesses’ bank accounts. The average monetary loss for a cybercrime attack is $395,000, CS0 Magazine reported. The Wall Street Journal on Feb 8, 2010 had a major story on this. There was a side-bar that showed some interesting numbers about the causes of security breaches at small and midsize companies:

• System breakdown/hardware failure: 47%
• Lost/stolen laptop, smartphone or PDA: 44%
• Human error: 39%
• Loss/Theft of backup tapes or devices with sensitive data: 35%
• Improper / out-of-date security: 32%
• Natural/on-site disaster: 26%
• Employee sabotage: 25%
• Improper security procedures or education: 19%
• Unsure: 4%

I will go a step further than I have seen any expert come right out and say – the inherent insecurity of the TCP/IP-based “Internet”, combined with Cybercrime, is one very large reason why the global economy is in such dire straights. They are measuring losses from a single banking Trojan in the $millions, for example. (click here to read that story…)

I sincerely thank the author for this article, and I hope I will be forgiven my infringement (or provided with a direct link).

I invite you to visit WServerNews.com.

February 13, 2010 Posted by techpaul | computers, cyber crime, Internet, News | 2 Comments