Feeds

Cyber Alert: crime hits the net

The end of innocence

  • alert
  • submit to reddit

Protecting against web application threats using SSL

Book review Cyber Alert sets out to explain how 'traditional' organised crime is waking up to the huge criminal potential of cyber space and how software manufactures and police are responding, after years of paying the issue insufficient attention.

Authors Peter Warren and Michael Streeter use the 260 page book to put a different aspects of cyber crime - ranging from the genesis of offences such as phone phreaking to the rise of botnets - under the microscope. The book's nine chapters feature examples from criminal cases and other real-world examples alongside interviews with industry experts, police investigators and cyber criminals themselves. The authors obviously carried out scores of interviews in compiling Cyber Alert and the book is stronger for it.

The book is written to be understood by the layman, though information security professionals will find much within its cover of interest. The prose style is lucid and the authors spin a good yarn that makes the book an easy read.

However there are some shortcomings which prevent us endorsing it wholeheartedly. The authors supply a clear overview on online paedophilia, detailing the latest techniques perverts are using to evade detection and how police are seeking to stay ahead of the game. They also have fresh insights on how well-known cases (such as Operation Cathedral) were cracked.

But the chapter on computer viruses is much less impressive. It simply documents a series of high profile outbreaks (the Morris Worm, Love Bug, NetSky etc) without any context or overview. There's been no attempt to interview virus writers - or anyone else apart from anti-virus vendors - and the chapter is the poorer for it.

Mystery science theatre

In the intro the authors say an intruder attacked 10 Downing Street in 1999 from a mobile phone located somewhere in Russia. This is exciting stuff, But they have little else to say on the possible motive or mechanism of this "mysterious and sophisticated" hacking attack.

The use of such unsourced, eye-catching anecdotes is rare. The book does a good job of explaining the transition of old-style hacking - where people simply wanted to explore systems - to criminality, and the risks that this has created for consumers and business. This forms one of the book's two central themes; the second is an account of the mobilisation of police and the IT industry in response to the migration of old-style crimes such extortion onto the net, via DDoS attacks against online bookies and the like.

Hacking is the 'OS of cybercrime'

CyberAlert also floats some interesting theories - such as the possibility that officers from the now defunct Russian Federal Government Communications Agency, SAPSI, moonlighted for organised crime groups and corrupt businesses to tap phones on their behalf. In Bulgaria, many hackers and virus writers in Bulgaria were trained by Durzhavna Sigurnost, the secret police; they have moved on to working for Russian gangs such as Solntsevo, according to Vladimir Golubev, a Ukrainian academic.

This 'cyber-criminal' is a highlights of the book, along withan extensive interview with a computer hacker called Fungus. The book concludes with some gloomy predictions for the future, particularly about the likelihood of increased fraud on the net. It makesrecommendations for an internet security "cyber manifesto".

Overall, CyberAlert is a worthwhile addition to the security canon. Recommended (with caveat over virus section). ®

Cyber Alert, by Peter Warren and Michael Streeter
Vision Paperbacks
Paperback - 262 pages
March 2005 - £10.99

Related stories

Mitnick sequel fails to hack it
Traces of Guilt: computer crime from the front line
eCrime cost UK.biz £2.4bn in 2004
Cyber cops foil £220m Sumitomo bank raid
Web paedophile jailed for four years

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
'Speargun' program is fantasy, says cable operator
We just might notice if you cut our cables
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.