[Infowarrior] - Secret war on web crooks revealed

Richard Forno rforno at infowarrior.org
Wed Jun 17 13:24:14 UTC 2009 

http://www.ft.com/cms/s/0/0457bd68-5945-11de-80b3-00144feabdc0.html?nclick_check=1

Secret war on web crooks revealed

By Maija Palmer

Published: June 15 2009 03:00 | Last updated: June 15 2009 03:00

The people who run the world's internet systems are a rather secretive  
bunch.

Three times a year, senior technical officers from companies such as  
Google, Yahoo, AT&T, Comcast and Verizon meet to discuss ways of  
stopping the internet from being swamped by rising levels of spam,  
viruses and hacking attacks by organised criminals. They do not  
generally like discussing these meetings.

"Some people might get nervous if they knew all the things we talked  
about," said Michael O'Rierdan, chairman of the Messaging Anti-Abuse  
Working Group (MAAWG). "Its our job to make the internet safe, but we  
don't want to put people off using the web."

They are also worried about being targeted by the cyber-criminals they  
are trying to thwart.

Most of the spam and hacking on the internet is run by organised crime  
rings. There is an underground economy that hacks into computers,  
sells stolen identities and orchestrates the sending of spam e-mails  
about everything from fake Viagra pills to banking scams. There is a  
lot of money at stake in keeping these operations running.

"We get threats every day," said Larry, chief technical officer of  
Spamhaus, a non-profit organisation that exposes spammers. He prefers  
not to reveal his surname. "In the US it is people bringing lawsuits  
against us. And then there are organised criminals in Russia and  
Ukraine, who use different methods."

Steve Linford, the organisation's founder, has been advised by police  
not to open unexpected packages arriving at his home.

MAAWG meetings are also places to discuss some of the controversial  
measures that internet companies need to take in the fight against  
spam, such as blocking some types of e-mail traffic. This measure sits  
awkwardly with civil liberties bodies.

The 270 delegates from 19 countries who met at Amsterdam's venerable  
Hotel Krasnapolsky last week were far from the usual, suit-wearing  
conference crowd. An eclectic mix of tattoos, ponytails, high-waisted  
trousers and backpacks indicated that these were true operations  
people who work in the bowels of the network.

Membership is strictly vetted and journalists are not normally invited  
to attend, but MAAWG has started to lift its veil a little. There is a  
growing feeling that the industry must reach out to consumers and get  
them to help fight cyber-crime.

In 2008, 349.6bn spam messages were sent across the internet,  
according to Symantec, the internet security company. Spam accounts  
for an average of almost 94 per cent of all e-mail messages.

Nearly 90 per cent of spam is sent from computers that have been  
hacked into and are being remotely programmed to send out spam.

More than 9.4m computers have been hijacked in this way and their  
owners are usually entirely unaware it is going on. It will be  
impossible to clean up these machines without talking to consumers.

"Sometimes we want people to know what we are doing, so they can yell  
at the politicians to give us more help," said Jerry Upton, executive  
director of MAAWG.

There is a rising sense of crisis among internet companies about the  
cost of spam. Few are willing to quantify how much they have to spend  
to fight spam, but Mr O'Rierdan estimated that big internet service  
providers employ five to 10 staff just to look at spam. In addition  
they must buy spare servers, routers and other equipment to cope with  
the volumes of junk mail, buy spam-filtering software and run support  
centres for their customers.

Viriya Upatising, chief technical officer of True Internet, a Thai  
internet service provider, said junk mail was a crippling cost for the  
company because it was paying to send the unwanted data across  
undersea cable connections to destinations such as the US and Europe.

"The cost of bandwidth is expensive in Asia," Mr Upatising said. "It  
costs us $250 per megabit per month to send data internationally."

The company put in place a draconian system that prevents suspected  
spammers from using its network. The measures have cut unwanted  
messages from 3.5m a day to a more manageable 250,000.

"We are all sharing these costs," said Patrick Peterson, chief  
technology officer at Ironport Systems, Cisco's e-mail security arm.  
"Spam is a stealth tax on consumers. ISPs have to pay for the spam,  
for the extra bandwidth, for equipment, and they are forced to put up  
their prices for consumers."

There is a fear among internet security professionals that they might  
be losing the battle to cyber-criminals. This may also be why they now  
want the public to know more about what they do, to show they have at  
least tried.

"I don't know if we can control it," said Dave Crocker, one of the  
early pioneers of e-mail and now a senior technical adviser to MAAWG.

He added: "It is an arms race. We are getting better at filtering out  
rogue messages but every day the criminals get better too, and they  
are better organised and more aggressive."

Keywords: the dark side of the web

* Spam: Unsolicited electronic messages, most commonly e-mail, but  
also increasingly common in instant messaging, blogs and mobile phone  
messages. The first e-mail spam is believed to have been sent in 1978.

* Malware: Malicious software designed to infiltrate or damage a  
computer system without the owners' consent. Symantec, the internet  
security company, has estimated there is now more malware released  
each year than legitimate software programs. There are many different  
types of malware, including viruses, worms and Trojan horses.

* Phishing : The fraudulent attempt to acquire sensitive information  
such as passwords, bank account details and credit card numbers.  
Typically it is in the form of an e-mail that directs people to a fake  
website - that looks like the legitimate site of a bank or other  
trusted organisation - where people are asked to enter personal details.

* Botnets: A network of computers that have been hacked and are being  
remotely controlled by cyber-criminals. Typically they are used to  
send out spam messages or viruses in large numbers. Most users will be  
unaware if their computer has been infiltrated and added to a botnet.  
Symantec estimated there were more than 9.4m machines hijacked in this  
way in 2008.

Copyright The Financial Times Limited 2009

More information about the Infowarrior mailing list