How to get rich quick through ecrime:
This paper studies an active underground economy which specializes in the commoditization of activities such as credit card fraud, identity theft, spamming, phishing, online credential theft, and the sale of compromised hosts. Using a seven month trace of logs collected from an active underground market operating on public Internet chat networks, we measure how the shift from "hacking for fun" to "hacking for profit" has given birth to a societal substrate mature enough to steal wealth into the millions of dollars in less than one year.
— An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants Jason Franklin, Vern Paxson, Adrian Perrig, and Stefan Savage. Proc. ACM CCS, October 2007.
How to stop it? Law enforcement is good, but insufficient. Ditto traditional technological Internet security methods. We already knew that. What now?
Real progress will be made by disrupting the criminal economy by poisoning trust. Read the paper for the authors' suggestions of Sybil attacks and slander attacks. Make the criminals' identities unreliable and poison their reputations.
This is considered the paper of the year by some prominent computer security professionals, and for good reason.
-jsq
Isn't this how COINTELPRO and other FBI programs destroyed the anti-war movement in the 1970's?
Posted by: goatchowder | November 09, 2007 at 04:38 AM
Interesting point. How do you tell the FBI agent provacateur? He's the one loudly promoting violent action.
I suppose the difference this time is:
1) Right is on our side (we hope).
2) The white hats can use the leverage of the Internet instead of ceding it all to the black hats.
-jsq
Posted by: John Quarterman | November 12, 2007 at 08:44 AM