Big data to fight cybercrime, Internet censorship, Android risks, Internet crime and the perfect #infosec mindset are this weeks’ top reads.
In the past we’ve reposted articles on organizations and their threat assessment and response times, most of which are a day late and a buck short. This article discusses how data now offers security experts a new arsenal against cybercrime. With the frequency of cyber attacks growing all the time, this is most welcomed (it’s a far more productive use of big data than the more traditional use of ad-targeting!). Though in the early stages of development, academia’s role in cyber security helps experts be more proactive.
Research links economic growth with the increase of high-speed Internet connections in developed and aspiring countries. But the Internet also has a democratizing effect with the liberty at which information flows across it. This in turn calls for accountability (our own US government learned the hard way last year). Malaysian former Prime Minister Dr. Mahathir underestimated the Internet’s power and reach when he promised no censorship; he’s now regretting his no-censorship policy. Now that users have enjoyed the relatively free range of access the web provides, of course, introducing censorship could prove disastrous for politics. Censorship of any kind shares a common danger: those doing the censoring do so from a position of bias or control. The difference is that content is more easily “regulated” on the Internet and can be shut down or blocked, making internet censorship potentially more oppressive.
Fake ID malware effectively sneaks into apps, feigns legitimacy, and sometimes takes control of the app it has infected. From there hackers can play your smartphone like a… smartphone. Temporary fixes or workarounds are available quickly address the Fake ID threat, but a permanent solution is still in the works. Tying this to the earlier post on big data in cyber security, applying big data is quickly becoming an invaluable resource when dealing with threats like Fake ID.
After reading report upon report of the nameless thousands of malware that exist today, it was hard to learn that there used to only be a dozen malware threats in existence without laughing. And according to Roger Grimes, the sad realities are that Internet criminals are rarely caught or even prosecuted, they’re commonly mistaken as super-genius megalomaniacs when on average they don’t even know how to program, and they commit crimes with no fear of serious consequences because jurisdiction, lack of legal evidence, lack of resources, and a general lack of interest – cybercrime isn’t hurting the economy enough? – keep law enforcement from responding to it in a game-changing way. Takeaways? Cyber law is too clunky to keep up with the streamlined cyber crime, and the resources victims of cyber crime and law enforcement have at their disposal are too few to fight cybercrime effectively.
I can’t speak to the long-term health implications, but it’s hard to argue that Corey Nachreiner’s right when he says that paranoia and skepticism are what keep you safe in cyber security. You can never be too sure that the hyperlink you’re clicking on is everything it promises. You should first assume that the email claiming your account is overdrawn is not from your bank. Yet at the same time, too much of either, or not enough of one, puts you somewhere in the vicinity of conspiracy theorists. The most important thing to take away here is that knowledge and experience – not aluminum foil hats – are what make you a security aware netizen.