[ insider_reports_insider ]
New Cybersecurity Laws A "Waste Of Time"
David Utter
Staff Writer
2007-08-10
 Insider Reports RSS Feed
Roger Thompson of Exploit Prevention Labs took a few minutes to talk about botnets, foreign security threats, and the likelihood new US laws on computer security will have any effect.
 | | New Cybersecurity Laws A Waste of Time |  |
When I last mentioned the online version of the Exploit Prevention Labs product, LinkScanner, I'd mused about the possibility of laws enacted here reaching criminals in China and Russia. That was a year ago, so it was something that needed to be addressed again.
Roger Thompson did so during our chat about his company's exploit-blocking tools for network assets. There's some hope to stem the tide of exploits, particularly from the heavily active, Storm worm-driven botnets at work.
He explained that exploits tend to be copied by others, with a few minor changes and tweaks here or there. Essentially the same attacks keep hitting targets. Exploit Labs' LinkScanner product driver sees such exploits coming in, Thompson said, and blocks the socket in use while notifying the user.
It would be even more effective if the originators of such attacks could be shut down for good. Spammers buy botnet time, Thompson said, to push out their attacks. Through the use of "fast-flux" botnets with multiple IP addresses used to control the botnet, attackers can round-robin from one control server to another and stay ahead of shutdown efforts.
I asked him about the roles of China and Russia, two countries whose names come up again and again in computer security discussions. The threats coming from the two differ in objective.
The Russian spam rings are in it for the money. There's a pure profit motive to what they do. If it can turn a profit, Russian attackers and their affiliates will make an effort.
The typical Internet user isn't going to see some of the threats from China. While World of Warcraft password stealing Trojans came from there, as did the animated cursor flaw from early in 2007, a darker, deeper aspect to Chinese cyber attacks exists.
Thompson said he "absolutely thinks there's a highly targeted espionage effort" going on with Chinese attacks. Since they aim for government and business targets, the general Internet surfer isn't in their scope.
British researchers have accused Chinese interests of such espionage. Massive attacks against the State Department in June 2006 targeted systems in offices dealing with China and North Korea.
It has been suggested that more cybersecurity laws here will help with computer security. Thompson and I agreed on a view about that. It's a waste of time to pass laws in the US that can't or won't be enforced in Russia or China.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
