In my last entry, I wrote about the fascinating thesis of the smart people following Conficker’s purpose, which was that it is a play for creating a criminal, shadow cloud computing eco-system.

Well April 1 - which has been widely publicized as an activation date for Conficker - has come and gone in many parts of the world, and the 24-hour news channels are already moving on, given that Judgement Day 2009 appears a lot less dramatic than it was in T2. (BTW, who thinks this type of hysteria is something we are going to have to deal with every decade, like a cyber-version of locust hordes?  Remember Y2K?)

Nonetheless, back to the smart people, the thinking is that a heightened state of vigilance will be required for quite some time (forever?) because the reality of it is, this is ultimately about making money.  And the best way to make money is to take it quietly and hope no one ever notices, so you enjoy the fruits of your labor.

Which fruits, by the way, appear to be pretty attractive, no matter if you are in a third or first world country.  Check out this paragraph from a BBC News article on the subject:

A recent report by security firm Finjan claimed that cybercrime is as lucrative a business as drug trafficking.  Its Cybercrime Intelligence Report found that a single hacker could make as much as $10,800 (£7,300) a day, which the company extrapolated to $3.9m (£2.6m) a year.  Finjan’s chief technology officer Yuval Ben-Itzhak said: “Cybercrime today is a very, very big business and those behind Conficker have spent a lot of money organizing, writing code and securing these machines so they will be looking for a return soon.  “This type of cybercrime activity is here to stay and will grow because there is so much money involved and it’s hard to get caught.

Couple that with Asia exceeding the rest of the world in growth of Internet access (with China blowing past the U.S. in total users last year, and growing) and you can understand this related news about the growth in malicious activity, posted on ZDNet:

Released Tuesday, March 31, the MessageLabs Intelligence Report revealed that 2, 797 new Web sites hosting malicious content including spyware, were blocked by the security vendor in March, a 200 percent jump over the previous month. The rise, which was the highest since October 2008, was largely due to a spike in the number of images containing injected scripts. Such images were also found in e-mail messages during the month, said MessageLabs, now a Symantec company.

So, Skynet lives on, but rather than the drama of save-the-world heroics that conveniently fits in a 2-hour movie format, the “real” Skynets of the future are much more likely to be designed like the biotech going into steroids:  undetectable and highly lucrative.

On a quick related note:  If you want a convenient way to tap into nGenera’s smart people to learn more and share your own thoughts & experiences on security, then make sure to visit the nGenera public community.  Just visit community.ngenera.com to get started.

ShareThis

In my last entry, I wrote about the fascinating thesis of the smart people following Conficker’s purpose, which was that it is a play for creating a criminal, shadow cloud computing eco-system.

Well April 1 - which has been widely publicized as an activation date for Conficker - has come and gone in many parts of the world, and the 24-hour news channels are already moving on, given that Judgement Day 2009 appears a lot less dramatic than it was in T2. (BTW, who thinks this type of hysteria is something we are going to have to deal with every decade, like a cyber-version of locust hordes?  Remember Y2K?)

Nonetheless, back to the smart people, the thinking is that a heightened state of vigilance will be required for quite some time (forever?) because the reality of it is, this is ultimately about making money.  And the best way to make money is to take it quietly and hope no one ever notices, so you enjoy the fruits of your labor.

Which fruits, by the way, appear to be pretty attractive, no matter if you are in a third or first world country.  Check out this paragraph from a BBC News article on the subject:

A recent report by security firm Finjan claimed that cybercrime is as lucrative a business as drug trafficking.  Its Cybercrime Intelligence Report found that a single hacker could make as much as $10,800 (£7,300) a day, which the company extrapolated to $3.9m (£2.6m) a year.  Finjan’s chief technology officer Yuval Ben-Itzhak said: “Cybercrime today is a very, very big business and those behind Conficker have spent a lot of money organizing, writing code and securing these machines so they will be looking for a return soon.  “This type of cybercrime activity is here to stay and will grow because there is so much money involved and it’s hard to get caught.

Couple that with Asia exceeding the rest of the world in growth of Internet access (with China blowing past the U.S. in total users last year, and growing) and you can understand this related news about the growth in malicious activity, posted on ZDNet:

Released Tuesday, March 31, the MessageLabs Intelligence Report revealed that 2, 797 new Web sites hosting malicious content including spyware, were blocked by the security vendor in March, a 200 percent jump over the previous month. The rise, which was the highest since October 2008, was largely due to a spike in the number of images containing injected scripts. Such images were also found in e-mail messages during the month, said MessageLabs, now a Symantec company.

So, Skynet lives on, but rather than the drama of save-the-world heroics that conveniently fits in a 2-hour movie format, the “real” Skynets of the future are much more likely to be designed like the biotech going into steroids:  undetectable and highly lucrative.

On a quick related note:  If you want a convenient way to tap into nGenera’s smart people to learn more and share your own thoughts & experiences on security, then make sure to visit the nGenera public community.  Just visit community.ngenera.com to get started.

ShareThis

Given the worldwide celebrity of the Governator, nearly everyone has seen or heard of the Terminator movie series, where an apocalyptic future is caused (and later averted through some tricky time travel) by an all-powerful military computer network called Skynet.

Well, today, NY Times reporter John Markoff gave a progress report on the latest in a global battle between the creator (or more like creators) of an ultra-sophisticated computer work, called Conficker, and a group of computer security experts, developers, and law enforcement agencies, rallied together by the ICANN.The Conficker worm is software code that is intended to infect and then control millions of computers (which when infected, are known as zombies) so that they can be operated like one giant computer, referred to as a botnet. The zombie computer networks can be used in many ways, from generating attacks on other computer networks, to distributing malicious software and pernicious messages like spam, to seizing control of Internet domain names.

The article starts off as an interesting update on the worm and how it has been increasingly strengthened since it was first released late last year. But, where is goes from interesting to downright fascinating is when it turns to the subject of motivation by the Conficker creators.

Quoting: “The growing suspicion is that Conficker will ultimately be a computing-for-hire scheme. Researchers expect it will imitate the hottest fad in the computer industry, called cloud computing, in which companies like Amazon, Microsoft, and Sun sell computing as a service over the Internet.”

Although there have been clues about the Conficker author’s (or authors’) location – not the least of which is that among the very first things the worm does is check for a Ukrainian keyboard – the evidence is inconclusive. But, the odds are on a very advanced and productive team centered in Eastern Europe.

Think about it: a shadow, criminal cloud computing network, as powerful as any available from the world’s leading information technology companies. What does this mean? SRI International researchers have written extensively about the worm, including detailed examination of its code. In the article by the Times’ Markoff, in answer to the question of meaning, he quotes SRI research director Phillip Porras with the following: “Perhaps in the best case, Conficker may be used as a sustained and profitable platform for massive Internet fraud and theft. In the worst case, Conficker could be turned into a powerful offensive weapon for performing concerted information warfare attacks that could disrupt not just countries, but the Internet itself.”

So, a pre-cognitive version of Skynet lives. But, behind it, the principles of wikinomics – mass collaboration amongst two apparently passionate dedicated groups of people, one on each side of international law – is playing out in a way that could have profound effects on our public and private information flow for years, if not for sure by April 1.

ShareThis

Given the worldwide celebrity of the Governator, nearly everyone has seen or heard of the Terminator movie series, where an apocalyptic future is caused (and later averted through some tricky time travel) by an all-powerful military computer network called Skynet.

Well, today, NY Times reporter John Markoff gave a progress report on the latest in a global battle between the creator (or more like creators) of an ultra-sophisticated computer work, called Conficker, and a group of computer security experts, developers, and law enforcement agencies, rallied together by the ICANN.The Conficker worm is software code that is intended to infect and then control millions of computers (which when infected, are known as zombies) so that they can be operated like one giant computer, referred to as a botnet. The zombie computer networks can be used in many ways, from generating attacks on other computer networks, to distributing malicious software and pernicious messages like spam, to seizing control of Internet domain names.

The article starts off as an interesting update on the worm and how it has been increasingly strengthened since it was first released late last year. But, where is goes from interesting to downright fascinating is when it turns to the subject of motivation by the Conficker creators.

Quoting: “The growing suspicion is that Conficker will ultimately be a computing-for-hire scheme. Researchers expect it will imitate the hottest fad in the computer industry, called cloud computing, in which companies like Amazon, Microsoft, and Sun sell computing as a service over the Internet.”

Although there have been clues about the Conficker author’s (or authors’) location – not the least of which is that among the very first things the worm does is check for a Ukrainian keyboard – the evidence is inconclusive. But, the odds are on a very advanced and productive team centered in Eastern Europe.

Think about it: a shadow, criminal cloud computing network, as powerful as any available from the world’s leading information technology companies. What does this mean? SRI International researchers have written extensively about the worm, including detailed examination of its code. In the article by the Times’ Markoff, in answer to the question of meaning, he quotes SRI research director Phillip Porras with the following: “Perhaps in the best case, Conficker may be used as a sustained and profitable platform for massive Internet fraud and theft. In the worst case, Conficker could be turned into a powerful offensive weapon for performing concerted information warfare attacks that could disrupt not just countries, but the Internet itself.”

So, a pre-cognitive version of Skynet lives. But, behind it, the principles of wikinomics – mass collaboration amongst two apparently passionate dedicated groups of people, one on each side of international law – is playing out in a way that could have profound effects on our public and private information flow for years, if not for sure by April 1.

ShareThis