Crime, War and Terrorism on the Internet

Date/Time:
Tuesday 22 May 2007

Speaker:
Brian Tompsett, University of Hull

Description:

Brian gave a very wide ranging and detailed presentation of which only a brief outline can be covered here. He has also presented the talk to Hull Masters Students, the BCS Humberside Branch AGM, as well as local schools in and around Hull.

Background

The PC Platform is basically insecure, access to any locked down system can be gained by boot floppies or rendered inaccessible by boot sector viruses. With the explosion of domestic computing and broadband access it is estimated that between 10 and 50 million systems are compromised world wide. Security is vastly under-funded. Hull University computers average 300 attacks per day per PC.

He then went on to describe and demonstrate some of the typical attacks that users are subjected to, from Email infections, spam, tricks, web based attacks, phishing, online fraud, 419 – Nigerian Scam and straight forward Stock Ramping (emails ré buying a company’s shares).

Background

Work on criminal profiling is taking place at Sheffield University looking for patterns of behaviour to enable faster recognition of new forms of activity and earlier alerts being issued.

Crime

Even though some forms of activity state a country, as with the Nigerian scam, researchers tracked the perpetrators to houses in Holland. Hull University set up some ‘zombie’ machines which attracted over 10,000 spam emails per month. Security is not just an issue for companies and institutions but is everyone’s issue.

Zombie and compromised systems can be triggered remotely to instigate a DOS (Denial of Service) attack, again spreading fear, increasing feelings of insecurity and fear of infection. Organised crime is increasingly using the internet for fraud and deception; compromised systems can be giving them access to remote intelligence and official information.

Terrorism

Terrorists use the internet in various ways e.g. for secret communication (strong forms of cryptography are available to everyone). Systems can be compromised, leaving them vulnerable to attack at a future point. Email and websites are being used for propaganda, magnifying the size and importance of very small groups, spreading fear and uncertainty in the general population, the very lifeblood of Terrorism.

There are a growing number of ‘urban myth’ sites giving credence to alternative theories from ’strange’ animal sightings, to alien invasions and the Moon landings being faked.

Security services have reacted by mandating that all University and School activity logs were saved until further notice. This was introduced the day after 7/7/05 and was rescinded in June 06.

The internet is also being used as

  • a weapon in wars
  • viral spyware on computers
  • captured laptops with information on
  • attacks on e-commerce sites
  • DOS or replica sites set up for fraud purposes
  • static intelligence garnered for sites such as Goole Earth, which can be used for targeting weapons. Some out-of-date images on Google from Iraq were used for British Bases

Summary

There were numerous other examples of the sinister, and some benign, uses of the information available online in Brian’s presentation and the steps being taken to counter, where possible, the misuse of technology.