As society has benefited from technology, so too has criminal activity. Technology has advanced and crime has followed. In some instances, technology does not lead to new crimes, but rather, to new ways of committing old crimes. For instance, conspiracy has been a crime for a very long time, but the advent of three-way calling puts a new twist on an old problem. The Internet provides similar opportunities for conspiracies and other crimes as well. Law enforcement agencies around the world are grappling with crimes involving new and easier ways of committing identity theft and transmitting child pornography.
Of course, just as technology provides new ways of committing crimes, so does it provide new ways of fighting them. The past few decades have seen remarkable advances in the technologies used to find and collect evidence. Fingerprints can be lifted today that would have been impossible to acquire a generation or even a decade ago. Ballistics imaging systems are now used that can harness the power of computers and automated technologies to match bullet and cartridge case evidence with crime guns. The system’s uncanny ability to find the needle in a stack of needles can solve crimes that previously would have gone unsolved. Chemical agents and laser technology now facilitate the identification of blood and other bodily fluids even after they have been ‘cleaned’ from surfaces. In short, advances in technology have changed the way crimes are committed and investigated in ways that are astounding.
These advances are not limited to the criminal underworld. The increasing admissibility of electronic evidence in court, and companies’ growing fears about employees using work computers for improper activities has been a catalyst for an increased demand in the specialised area of computer forensics in recent times. Potential employee violations include eliciting kickbacks from a vendor, divulging trade secrets, embezzling, and downloading pornographic images, to name but a few.
The Irish Honeynet Project has seen a huge change in the landscape of digital attacks in recent years. No longer are the viruses of old sufficient to penetrate the layers of security defences in modern organisations. Cyber criminals are now tracking your every computing move and targeting websites, such as those of banks, where you log personal data. Automated worms, mass auto-rooters, spyware, malware, distributed denial-of-service attacks, phishing, identity theft, wireless network hacking, email spoofing, to name just a few, now feature regularly in even the most novice hackers toolbox.
Unfortunately, for many Irish organisations, security is still not equal to paying your electric bill. It is a nuisance, a distraction, a resource drain, and it is expensive. However, when that worm hits, when that hacker attacks, then blame is quick to be assigned. What most organisations do not yet understand is that improving security is not all about buying the latest and greatest products. It is about changing the corporate culture to make security a realistic priority, and to understand that the upfront investment in security resources and processes will be far less costly than the reactionary efforts after an attack.
We truly have started to reach the climax of a time when information is power. Technology pioneers have always sought the holy grail of information at your fingertips. Our lives and businesses are constantly becoming more digital, and that only makes it easier for criminals to further capitalise on the insecurities within software and systems. As things progress the effects of a successful technology hack will grow exponentially more severe. With this exponential increase in the criticality of threats there has never been a time that requires innovation and proactive security solutions more than now. But more importantly, we need to encourage and develop a culture of awareness, where an understanding of the security threats through education and learning will keep our much-valued information firmly in the right hands.
The Irish Honeynet, set up by Espion, Deloitte, and Data Electronics, operational since April 2002, is designed to mimic the Internet infrastructures commonly used by organisations, but it is ‘wired’ with detection sensors that capture all activity to and from the system. The Honeynet is not advertised in any way so any traffic to it from the Internet is suspicious by nature, as it arises from hackers and crackers who are deliberately attempting to identify and attack systems that are vulnerable.
For more information please send an email to honeynet@espion.ie
Subscribers 0
Fans 0
Followers 0
Followers