Internet Ripe for Hacking & Other Cyber Crime

Hacking chaos and other cyber crimes are rife on the Internet as serious flaws lay in computer defenses, specialists told experts on cyber security at Black Hat, an international conference in Nevada.

Hackers could use Internet browser to access others' computers and give commands, the Black Hat session revealed.

Various experts and other participants attending the 2007 Black Hat digital self-defense talkfest at Las Vegas heard Richard Clarke, czar on U.S. counter-terrorism. He blasted off saying the President George W. Bush didn't show enough interest in upgrading cyber security.

Unfortunately, companies meant to defend computer systems act by resolving problems when attacks take place rather than predict and block them, said Dinis Cruz of London-based Ounce Labs. AUSTRALIAN IT reported this on August 7, 2007.

The industry was currently in a reactive mode, Cruz said. There is increasing use of certain software by hackers to conceal and deliver malware that infect systems. This software, commonly employed for sharing text, music and video files, is now hackers' preference too.

In a warning to the attendees, Richard Clarke said that the continuous effort to globalize the economy on cyber space in its present state is dangerous activity because cyber space is still not adequately secured. Users who engage in online transactions barely authenticate and encrypt them. Information Week reported this on August 1, 2007.

There is constant pressure on software developers to produce programs fast and cheap, while preventing evildoers' abuses on the programs gets low priority, security specialists unanimously agreed.

One participant at the conference drew an analogy of Microsoft's Vista operating system to a castle having thick walls of concrete and doors of steel. He described it as stupid defense software whose guard would hand the keys to sly attackers.

Cruz further said that often the applications on which users rely have massive flaws. In addition security providers with their products cause more problems for the networks than solve them.

Clarke emboldened the security researchers at the conference to not just concentrate on uncovering software vulnerabilities and informing vendors about them but also urge industry and government to change policies and practices that restrain security improvements.

Related article: Internet Threat Volumes Overwhelm Security Companies

» SPAMfighter News - 8/20/2007