2010年8月25日 星期三

FW: [NEWSBANK] Microsoft can only do so much to fight cyber threats


-------------------------------------------
寄件者: Jovi Umawing (AV-PH)
傳送日期: Wednesday, August 25, 2010 4:08:30 PM
收件者: Newsbank
主旨: [NEWSBANK] Microsoft can only do so much to fight cyber threats
自動依照規則轉寄


 

Microsoft can only do so much to fight cyber threats

Thwarting cyber criminals also requires cops to work together

By Robert Mullins on Tue, 08/24/10 - 6:51pm.

That headline was not written to make me sound like an apologist for Microsoft. A lot of the security breaches happen because people with bad intentions exploited weaknesses in ubiquitous Windows operating systems in computers worldwide. Try as they might, Microsoft and other software companies still need to diligently patch security leaks in the virtual world. But there is also a need for security in the physical world, although a recent report shows not all the cops on the beat are doing their jobs.

The New York Times reported Monday that U.S. authorities arrested a Russian resident in France earlier this month who has been indicted in the U.S. on charges of identity theft and fraud for allegedly managing Web sites that sold stolen credit card numbers to those who would use the numbers to run up fraudulent bills. The article points out that the suspect, Vladislav Horohorin, who went by the Internet moniker BadB, worked with impunity in Moscow due to lax efforts by Russian law enforcement.

Online fraud is not a high priority in Russia even when specific hackers there have been identified by outside groups, the Times reported, because most of the time, fraud victims aren’t in Russia, but are in Europe or the United States. A nonprofit group aimed at fighting spam and other online fraud, theSpamhous Project, told the newspaper that seven out of 10 spammers in the world operate out of Estonia, Russia and Ukraine, all once part of the Soviet Union.

The article again makes the point that has been made before on this blog that fighting cybercrime requires global law enforcement cooperation. But the article adds that while the U.S. sees fighting cybercrime as a law enforcement issue, the Russians have pushed for an international treaty focused on restricting use of “online weapons” by military or espionage agencies. The U.S. has entered treaty talks with Russia, but there seems to be a fundamental disagreement on what is the right approach.

The idea of a treaty among nations to require enforcement of laws against cybercrime first came up on this blog back in March at RSA Conference 2010 when cybersecurity consultants said they felt the risk of a cyberattack is high but that preparedness is low. The “Pearl Harbor” warning made at that panel discussion continues to spark comments on this blog from skeptics who question the analogy and think the threat may be overstated by consultants who sell security. They were Richard Clarke, an adviser to three presidents and Michael Chertoff, secretary of homeland security under President George W. Bush. By the way, it was Chertoff who said it might take the cyber equivalent of the attack on Pearl Harbor in 1941 to serve as a wake-up call to step up security.

Commentors called out the hyperbole of this writer as well as the cybersecurity consultants for the Pearl Harbor analogy and for using terms like “catastrophic” to describe the cyberthreat. Fair enough. But whether it’s the nuisance of spam, the financial loss of credit card fraud, or the far more serious taking down of an electrical grid, cybercrime needs to be addressed both by technology companies and nations.

 

Source: http://www.networkworld.com/community/node/65413

 

 

All the best,

 

 

Jovi Bepinosa Umawing | Technical Communications Associate

8th Flr. Tower 2, Rockwell Business CenterOrtigas Ave., Pasig City

Office: 63.02.995.6200 X 5977 | Mobile: 63.916.593.7203

Philippians 4:13 - I can do all things through Christ who strengthens me (KJV)

 

 

沒有留言: