The Top Ten Security Threats for 2008 (Part 14) – Vandalism

December 6, 2007

Here is my ninth entry on the top ten cybersecurity threats for 2008:

      — Cyberspace vandalism.

Cyberspace vandalism is the defacement or destruction of visible web sites or less visible computer systems (for example files).   Dangerous acts of vandalism are by often politically or antisocially motivated criminals who break into a web site, steal or destroy files if they can, and then leave a “calling card,” similar to urban grafitti by gangs. 

Computer and web vandalism, as a cybersecurity threat, has been around for a long time.   However, we have seen the threat increasing as radical and extremist groups expand their political and social objectives cyberspace.    The “bragging rights” element of vandalism still exists; but this is falling out of favor to criminal financial gain.    Cyber vandalism can also be used to damage the brand and reputation of organizations.

Advertisements

Type I and Type II Errors – The Heart of Event Processing

December 5, 2007

Opher Etzion begins to discuss one of the topics I consider to be the heart of event processing in his post, On False Positives and False Negatives.

Statistically speaking, false positives are called Type I errors (α errors) and false negatives are called Type II errors (β errors).

If you are interested in “getting to the heart” of complex event processing, visit this link.   I’ll discuss detection theory in more detail in a future post.


The Top Ten Security Threats for 2008 (Part 13) – Summary

December 5, 2007

I have now posted eight out of the top ten cybersecurity security threats for 2008, still unordered.    Here is what we have so far:

   — Cyber masquerading to abuse, attack, blackmail, bully, extort, or molest.

   — Password and identity theft from phishing, spyware, malware and theft of hardware.

   — Criminal use of botnets and botnet-like technologies.

   — Cyberbullying, cyberterrorism and other forms of electronic violence.

   — Subversion of democratic political processes.

   — Criminal manipulation and subversion of financial markets.

   — Spying by governments, industry and criminals.

   — Denial-of-service attacks.

 Eight threats down, two to go.    Your comments and suggestions are welcome!


The Top Ten Security Threats for 2008 (Part 11)

December 3, 2007

Continuing my list of the top ten cybersecurity threats for 2008, here is another looming threat:

      — Spying by governments, industry and criminals.

Spying, also known as espionage, is the crime of illegally gathering secret or confidential information about a government or commercial entity.  This also includes stealing proprietary information and intellectual property.  Often espionage directed toward as individual is grouped into the less malicious sounding category of privacy crimes; however,  I am going to group all these crimes into the same category, spying.

Espionage is a serious threat.   Nations sponsor espionage to learn about other nations and industries.   Industries sponsor espionage too.  Remember the HP spying scandal of 2006?  

Espionage is location independent in the globally connected world of cyberspace; and spying makes our list as one of the top ten cybersecurity threats of 2008.


The Top Ten Security Threats for 2008 (Part 10)

December 3, 2007

Starting on my next five top cyber security threats for 2008, here is another serious threat:

      — Criminal manipulation and subversion of financial markets.

In one of our earlier posts, I mentioned the subversion of democratic political processes as a top ten cybersecurity threat for 2008, which included information warfare techniques applied to elections and other political processes.  

The top ten cybersecurity threat in this post, criminal manipulation and subversion of financial markets, is very similar to the threat of the subversion of democratic processes.  Criminals can easily use powerful botnets, blogs, social networking, spam, RSS and other cyber technologies to target and manipulate financial markets with pump-and-dump and similar fraudulent schemes.

Not only do fraudsters, unethical brokers and corrupt analysts inject good news into cyberspace to illegally inflate the market value of equities; they also poison cyberspace with doom-and-glum messages to deflate market values.   This threat poses a serious threat to investors as well as the overall integrity of financial markets.    Indeed, this threat may be used to subvert the democratic process, indirectly attacking our of the most critical infrastructures globally, the financial markets.

Bad news travels fast and the effects are furious.  Just look at E*Trade and the effect each analyst has had on their stock price recently.   One analyst talks about how good a new development is for E*Trade, stocks rise.  Another analyst talks about how bad the same development is for E*Trade, the stocks plunges.   Fortunes are made and lost on news blurbs that rise, fall and fade away, like the light of fireflys, in cyberspace.  This is a very real cybersecurity threat now, in 2008 and beyond.


The Top Ten Security Threats for 2008 (Part 9) – Summary

December 3, 2007

I have now posted five of the top ten cybersecurity security threats for 2008, in no particular order (yet).    Before moving on to the next five, here is a summary of what I have offered so far:

   — Cyber masquerading to abuse, attack, blackmail, bully, extort, or molest.

   — Password and identity theft from phishing, spyware, malware and theft of hardware.

   — Criminal use of botnets and botnet-like technologies.

   — Cyberbullying, cyberterrorism and other forms of electronic violence.

   — Subversion of democratic political processes.

As always, thank you for reading my blog.  Now, on to the next five of the top ten cybersecurity threats for 2008.


The Top Ten Security Threats for 2008 (Part 8)

December 3, 2007

Five down, five to go, in our top ten cybersecurity threats for 2008, after this one.    I will reorder these information security threats later.  Here is another top information security threat for 2008:

      — Subversion of democratic political processes.

Regardless of your political orientation, no one can argue that the US presidential election of 2000, where Al Gore won the popular vote and George Bush won the electorial vote by a political ruling, has not changed the world dramatically and forever.    Al Gore conceded the presidency and then went on to win the Nobel Peace Prize (see footnote).   

Democratic processes can be subverted by information technologies.  One of the threats we often read about is subverting voting machines and vote counting.  However, another threat, one more difficult to quantify, is the manipulation of the media and public opinion for political, social and economic gain.

The US presidential election of 2000 leaves us little doubt that political parties, and their operatives, know no limit in their quest to gain or maintain power.  The stakes are extremely high.   Taxpayers money (our money!), an unimaginable large amount of money, are allocated and spent based on the outcome of just about every political process.   The amount of money governments spend, especially the US government, is staggering.

Remember when blogging (and the Internet) was by “the common citizen” – a grass roots way to communicate?  Now, the blogosphere is a mainstream media and the politicans are operating with full force, fully funded.   The same is true on and in social networking sites, YouTube, and virtual worlds like Second Life.

This threat is often called “information warfare” when one nation manipulates cyberspace for political gain.   What do we call this when our domestic political parties do the same thing using information technologies to subvert democratic processes?

This brings up another basic question.  

What really is “democracy” when elections are now decided by who can win domestic political “cyberwars” or “cybercampaigns”? 

The subversion of democratic processes is a very real cybersecurity threat in 2008 and beyond.    The world has changed dramatically, and it will continue to change in ways we cannot imagine.   In fact, in my opinion, science fiction, where gory monsters and aliens have conflicts with humans, seems pale compared to what the future brings our planet Earth.

———–

Footnote: Since this is not a political blog, I’ll end this paragraph by saying that I voted for Al Gore.   In full disclaimer, I actually worked for Al Gore’s father as a legislative assistant when I was a college student in Tennessee.