In a world where over 95 percent of all business email is spam, is it any wonder that networks hosting "badware" have become global entities operating in full view of most ISPs?
Sadly, the growth of informative, educational, and business-oriented networks on the Web has taken place against a dark backdrop. Traffic associated with spam, malware, child pornography, and illegal data has morphed to levels that dwarf beneficial and legitimate content.
The challenge is one that IT departments can't fix alone. "Only ISPs, IXPs [Internet exchange points], and Internet regulators can help," wrote online security expert David Bizeul, head of a computer security incident response team (CSIRT) for a bank he has asked to remain nameless, in a paper last year.
Bizeul was specifically describing the Russian Business Network (RBN), a notorious "cybercrime service provider," originally headquartered in St. Petersburg, Russia. Most sources contacted for this report believe that RBN, whose main sites were shut down by ISPs in 2007, nonetheless continues to operate in other guises and in other locations, harvesting user information to enable a wide range of malware attacks; publish child pornography; and hoard stolen identities and financial fraud data.
RBN isn't the only badware network on the Internet. Others, while smaller, are no less malicious in their activities. And, like RBN, these operations are insidious, often protected by hosting partners that profess ignorance of their activities.
In this report, we explore the Internet's Axis of Evil and discuss what is – and isn't – being done to stop it.
A very well written article and needs widespread publicity. I am a member of the OpenDNS, SpamHaus, SANS Network Centre and CastleCops and take the opportunity to collaborate and learn from these sites effectively. Why not just choose one site? That's 'cause no one site gives you all the info you need, and particularly in a fast-changing sphere like security, you need all the info you can get.
The cool thing about security is that not a day passes when I don't learn something new and sometimes even outlandish.
==>"That's the meaning of "bulletproof" hosting; that the provider asks no
questions and practically guarantees that the malware can operate
without interference. The question becomes, How much more legislation,
if any, is needed to deal with this? Can the Internet community treat
the problem alone, without recourse to laws that might jeopardize
future Internet freedoms?"
good post Mary; you have a real knack for asking the question that leads to deeper analysis
it should be noted that legislation will not prevent malware any more than legislation stops home invasion.
Prevention requires a defense
the x86 family of chips has the needed defenses. privileged operations such as input-output can only be done in "ring 0". Paged memory with storage protect keys is provided and read-only pages are also available.
these features make it possible for the kernel or system nucleus to absolutely supervise what a problem program such as a browser is doing
if these tools are used properly it absolutely does not matter what kind of garbage you feed into a browser you will not be able to get the browser to update anything that it has not been given permission to update.
No castle is safe however if the gate-keeper is tricked into giving away the key ~~ and I think this is an area where we need some serious discussion. Convenience and ease of use is fine. Security is necessary. Where convenience and ease of use is compromising security: we need to talk.
I have recently done research about the country and its history independent of an experience of the worst kind with 2 cybercriminals from this country poisoning the web with "000webhost.com" and some related sites.
It may not be the only case, but pretty much exactly 70 years ago, not only the "Reichskristallnacht" occurred in major parts of Germany and Eastern Europe, soon after that, mobs in countries like Lithuania went killing Jews, Gipsies and what they considered "Unarian" according to Hitler, Himmler and their whole gang...
The Hitler and Himmler this time are located in Lithuania or at least the last unmasked traces to their network and domains came from Kaunas, Lithuania.
Their names are Rapalis, Aurimas, self-proclaimed CEO of 000Webhost and his "Himmler", AdSenseBoy Mindaugas Lipskas. Using the .COM domain with the same (last) name. And while the mobile he uses there is most likely prepaid or registered via an alias, it seems they are so sure of their status and being protected by corrupt or inefficient governments in Eastern Europe, they don't care about being visible.
It is just like the latest Bond film, they are there and do their criminal activities right under people's noses :-|
Well, in the end James Bond even caught the bad guy in Eastern Europe. Let's hope, this Axis of Evil may also be broken soon?!
That's a good primer for those who have no understanding about the darker side of the internet. I think it especially useful, for the sake of clarity to the uninitiated, that you avoided discussion of particular vulnerabilities and attacks for the most part.
Great piece! This is an even more important problem than people realize.
One can make an analogy between this evil networks problem and mass poisoning of human populations.
You may protest that and say people do not die of spam and malware. I am not sure that's true. If you interfere enough with the main communication system of a society probably some people do die as a consequence. The direct relationship between spam and neglected or unread life-saving Emails has just not been documented. It does not mean no such relationship exists.
The number of people affected by a single spam attack is enormous, no other type of crime affects so many people except for some mass poisonings. If you measure severity by multiplying injury by the number of people affected then these count among our most serious crimes today.
The difficulty and complexity of the two problems are similar. If you listen to my 60 Minutes piece from 11 years ago about the Chinese origin of the toxin in the mass poisoning which killed 300 children in Haiti in 1996 and then consider other more recent Chinese mass poisonings and you will see what I mean. It is a very serious problem now persisting for more than 12 years.
Both problems, evil spam networks and mass poisonings, need an approach radically different from anything tried so far. It starts with capturing the imagination of the reading public and getting them to really think about innovative solutions. Your piece contributes in a very important way to moving us in the right direction.
I agree with Terry Sweeney that the "Whack-A-Mole" approach is a good start. After that if we combine the communal intelligence of everyone who would like to solve these problems with some very robust funded research efforts real solutions should finally emerge. One would not want to go another 12 years with either problem continuing!
Very much like offline life, bad people mess things up for good people until good people get mad enough to start making laws to make it difficult for the bad people to succeed.
One of the biggest challenges for people in technology (who tend to be Libertarian in their outlook) is to understand the need for rules and constraints. There are SOME people who can operate ethically on a voluntary basis .. maybe even most. But as we see with Internet, it only takes a very determined and amoral few to wreak havoc for the many.
We do need laws. We do need enforcement. Yes it will mean less wide open freedom. No I don't love that either. It's just life. And once we have those new laws and enforcement, 95% of email will not be spam. And we won't be reading about the latest attempt to hijack everyone's web session every week.
It definitely is a big issue, and one that probably needs a set of different methods to solve.
One thing I noticed is that every proposed solution will always be one step behind. One IE article a couple of months ago mentioned the use of eStamps to validate email users. I.E., Hotmail lets you send 500 emails/month and after that you need to pay, this is obviously too vague and probably won't be implemented but I think we need solutions that try to solve the problem and not to patch it.
That's the meaning of "bulletproof" hosting; that the provider asks no questions and practically guarantees that the malware can operate without interference. The question becomes, How much more legislation, if any, is needed to deal with this? Can the Internet community treat the problem alone, without recourse to laws that might jeopardize future Internet freedoms?
Each of these malware providers works in an information bubble - they don't know what their clients are doing, and don't want to know, as long as the money keeps coming. With privacy arrangements, they can always have plausible deniability that they didn't know what was going over their networks.
These networks will keep sapping the net economy until a more coordinated and world-wide effort is made to track them down and actually prosecute the perpetrators.