The Internet's running amok. We're in a dark period for law and order.
At first hackers were inventive experimenters. Even the baddies who broke into systems were geeky teen scofflaws, high-SAT-types from tech towns like Berkeley and Cambridge. These guys are still around, and still making trouble. But every kind of unlawful Web-based activity visible ten years ago has increased in scale and intensity.
Where once there were a few relatively uncomplicated viruses, now there are torrents of fast-evolving, multifaceted viruses. Where once there was just small-time credit-card fraud, now there is international credit-card racketeering. Computer-network password theft has turned into sophisticated ID fraud that robs patrons of banks and online auction sites. Spam, once an occasional rude violation of "netiquette," now arrives by the ton (12.9 billion pieces a day worldwide last May, according to the e-mail security firm IronPort), some of it fantastically bizarre and/or obscene.
Then there are the newer electronic crimes, proliferating so fast that even experts have trouble keeping up with the jargon. Phishing. Spear phishing. Pharming. DDOS. DDOS protection rackets. Spyware. Scumware. Web site defacement. Botnets. Keylogging.
The Internet is now in a golden age of criminal invention. It's a "dot-con" boom, in which electronic crime runs rampant in a frantic search for business models. Even encryption, supposedly a defensive measure, has become a tool for extortion--witness the weird new crime of breaking into a computer, encrypting its contents, and then demanding a payoff to supply a password to the victim's own data. The crime's so new, it doesn't even have a name yet. We can pray that it doesn't become so commonplace that it needs one.
With an estimated 1 billion people on the Net (according to the Computer Industry Almanac), much of the high-tech global village has become a big, cold-hearted, slum-ridden megalopolis. All the classic scams and rackets that city sharpies push on rubes can be digitized. The scammers have an endless supply of victims: There's always somebody new on the Net, somebody gullible, or too young, or incapable of understanding the language.
Imagine yourself as a first-time PC buyer, says computer crime expert Carlton Fitzpatrick, a cyber-counterterrorism instructor at the Federal Law Enforcement Training Center in Glynco, Georgia.
The PC's cheap, the software's reasonable, everything is plug and play, Fitzpatrick continues. Then the salesperson recommends that you arm it with antivirus software, system utilities, and a firewall. What kind of machine needs all of that stuff, you wonder.
And once you venture online, Fitzpatrick says, you find yourself directly connected to hosts of evil strangers. Even if you are willing to hold your nose and make that big jump, you are ill-equipped to defend yourself. "The victims of malware are not techie people, but those who don't read the security bulletins--and those are the people who are being plucked like ripe fruit," Fitzpatrick says. (Continue to page 2)
See the Complete Special Report
The New Security War: In This Special Package
Best Defenders and Spy Sweeper Leads the Field (chart)
The Hidden Money Trail
Privacy in Peril
Is the Net Doomed?
Threat Alert: Spear Phishing
Threat Alert: Antivirus Killers
Threat Alert: Instant Messaging Attacks
Security by the Numbers
More Security Resources on the Web
Also See Our In-Depth Online Series
Web Of Crime