Forget The Economy, Security Vendor Says Cybercrime Is The Real Threat

from the that's-not-my-job-man dept

You might have noticed that the economy is in the tank. Something about this "credit crunch" and "recession" and whatnot. But the amount of attention governments around the world are paying to these issues is giving cybercrime a foothold, according to a new study from a -- yep, you guessed it -- security vendor. This is the same vendor that's been saying the government needs to create new laws to combat cybercrime for at least a year. While their consistency is notable, their implication that the government is in the best position to fight cybercrime seems misguided. The best solutions remain technical and market-based in nature, while the usual mess governments make out of this sort of thing are hardly a ringing endorsement of their abilities to solve technological problems. All this makes you wonder if maybe the vendors see some way for themselves to gain from cybercrime legislation. Surely that's not right...
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cybercrime, threats


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 11 Dec 2008 @ 6:55pm

    I don't know about you, but the economy being in the crapper hasn't affected me. I have nothing in the stock market, it is all buried in the yard, so I've lost nothing.

    Gas prices are dropping faster than a hookers bloomers and things are looking up!

    link to this | view in thread ]

  2. identicon
    Act Now, 11 Dec 2008 @ 7:05pm

    Of course

    and I'm sure they have an expensive product that will succeed where others have failed.

    link to this | view in thread ]

  3. identicon
    Chris Brenton, 11 Dec 2008 @ 11:54pm

    Too funny

    The "problem" is not the focus on the economy. The problem is that signature based anti-virus software is no longer effective in stopping attacks (application control or white listing is the way to go). Of course you can't expect an AV vendor that makes a good chuck of $$$ from selling AV signature subscriptions to tell us that. The problem ***HAS*** to be somewhere else. ;-)

    link to this | view in thread ]

  4. identicon
    Doug Woodall, 12 Dec 2008 @ 9:09am

    RE:Cybercrime Is The Real Threat

    Sadly, the typical user wants no part of educating themselves about online safety. They are poorer now, cant go out to party and theres nothing on TV to watch.
    So they surf, and eventually get infected and maybe even end up losing their personal data and having it used to empty what little they have in their bank account.

    link to this | view in thread ]

  5. identicon
    JustMe, 15 Dec 2008 @ 5:16am

    The problem is the bad guys

    Not the good guys. I'm a loyal reader of TechDirt and I participate in the discussions, but I am also frequently surprised at the amount of security vendor bashing.

    Re: Carlo - who else is funding research in to cybersecurity problems? Of course the reports come from people with a product to sell, but the alternative is fewer research projects and less end-user education. Lighten up.

    Re: Chris - sigs (AV, IDS, FW, etc.) have worked (to some degree) for 20 years. Don't assume that it is all a conspiracy. Can *you* can come up with something better?

    link to this | view in thread ]

  6. identicon
    John Wilson, 15 Dec 2008 @ 7:37pm

    Re: The problem is the bad guys

    In response to your response to Carlo, it's being widely done in computer science departments of universities around the world.

    In response to your response to Chris -- you're right that signature based detection will continue to be something that will help in the future the reality is that it doesn't work at all for things like rootkits or botnets.

    And one of the reasons that security vendors, McAfee always in the lead, are frequently releasing chicken little "the sky is falling" press releases which are duly taken up as evidence that something is actually going on by the computer press bloggers who, as it turns out, work for security vendors! (ZDNet being among the prize offenders of that sort of conflict of interest.)

    Add to this that McAfee's client software is slow, buggy and can't even keep up with ClamAV, an open source project who are much better at identifying new threats than either Sophos or McAfee, as far as releasing up to date signature packages is concerned.

    As far as on line security is concerned it's going to take more than an AV package or a weak firewall(hello, Microsoft!) to protect you. It needs a proxy married to a good firewall that works both in and outbound, software like tripwire and montoring of servers and the OS kernel.

    As for phishing and other attacks require user intervention we're back to educating users again about these things.

    I'm not talking about blaming the victims I'm saying they need to be armed with information to identify the attacks and deal with them.

    As for government intervention in technology to make us "safer" I feel far more confident without that and far better able to respond that bureaucrats.

    The other question is "why do open source projects do a far better job of security than commercial ones do"?

    Oh, as the sooner security vendors stop running around screaming to high heaven that the sky is falling and actually develop and deliver decent product I'll stop being cynical about them and their allies (employees, mostly, it seems, in the computer "press" on and off line).

    ttfn

    John

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.