The Open Internet's Growing Security Problem -- Part XIII

Additional new evidence continues to spotlight the Open Internet's growing security problem, and underscore why President Obama effectively declared the lack of cybersecurity as the Internet's biggest problem in his cybersecurity address May 29th. 

• The growing catalogue of evidence from mainstream and official sources is getting harder and harder to ignore.
  • See previous parts of this series here:  I, II, III, IV, V, VI, VII, VIII, IX, X, XI & XII.  

"Cyberattacks Jam Government and Commercial Web Sites in U.S. and South Korea" NYTimes 

• "A wave of cyberattacks aimed at 27 American and South Korean government agencies and commercial Web sites temporarily jammed more than a third of them over the past five days...
• ...The Web sites of the Treasury Department, Secret Service, Federal Trade Commission and Transportation Department were all affected at some point...
• ...the White House site had also been attacked...
• ..The Web site of the New York Stock Exchange also came under attack, as well as the sites of Nasdaq, Yahoo’s finance section and The Washington Post."

"Cybercrooks descend on Twitter with Spam, Attacks" USA Today

• "Cybercriminals are rapidly using Twitter— the popular Web-messaging service — to direct users to websites that sell porn and fake drugs and trigger promotions for fake anti-virus subscriptions."
• ..."Sadly, security is rarely viewed as a top priority" by add-on developers..."

"MafiaBoy: cloud computing will cause an Internet security meltdown" dark reading

• "Reformed black-hat hacker Michael Calce, better known as the 15-year-old "mafiaboy" who, in 2000, took down Websites CNN, Yahoo, E*Trade, Dell, Amazon, and eBay, says widespread adoption of cloud computing is going to make the Internet only more of a hacker haven."
• ..."It will be the fall of the Internet as we know it," ... "You're basically putting everything in one little sandbox..."it's going to be a lot more easy to access," he added, noting that cloud computing will be "extremely dangerous."  

"Users Warned of social network dangers" CBR Security

• "Users of social network sites may be far more vulnerable to financial loss, identity theft and malware infection than they realise..."
• " The vast majority (80%) of respondents claimed that they allow at least part of their profiles to be searchable through Google or other public search engines..."

"Can Open Source Police Open Source?" ZDNet

• "When a proprietary code base becomes popular, its owner brings in the cash necessary to defend their position in court. This is not automatic in the open source world, which thus remains vulnerable to small time scams. How do we stop them? Where do we find the cash to protect open source, not from the big boys, but from the small fry?"

"Mobile networks face DOS attack" Computer World

• "Sabnani said the newest DoS attacks on wireless networks involve repeatedly establishing and releasing connections. These attacks are easy to launch and hard to detect, he added. "One cable modem user with 500Kbit/s upload capacity can attack over 1 million mobile users simultaneously," he said."

"Webroot survey reveals social networkers risky behaviors" Webroot

• "...The growth of social networks presents hackers with a huge target..."
• "Hackers lure users into taking actions they shouldn't by making it appear as if a friend within their social network has sent them a message - only the message is from a hacker who's hijacked the friend's account..."  

"How can Cyberspace be defended?" National Journal

• "The question is, how does the government protect a borderless, largely anonymous space that is almost entirely owned and operated by private citizens and corporations?"
• "Or is cyberspace too big, and perhaps too abstract, to "defend" the way the government does our land, sea and air borders?"

"Online criminals take on the trappings of business" FT

• "The latest viruses are extremely well written and coded, even incorporating up-to-the-minute bug fixes in the encryption technology.”...
• "In the third and current phase, professional criminals have moved in en masse and malware writers are adopting a lower profile, selling their products over the internet, rather than exposing themselves to legal sanctions."...

• "...The impression remains, however, that in the race between the criminals and the security groups, the criminals may be edging ahead."