Forget The Economy, Security Vendor Says Cybercrime Is The Real Threat

from the that's-not-my-job-man dept

You might have noticed that the economy is in the tank. Something about this “credit crunch” and “recession” and whatnot. But the amount of attention governments around the world are paying to these issues is giving cybercrime a foothold, according to a new study from a — yep, you guessed it — security vendor. This is the same vendor that’s been saying the government needs to create new laws to combat cybercrime for at least a year. While their consistency is notable, their implication that the government is in the best position to fight cybercrime seems misguided. The best solutions remain technical and market-based in nature, while the usual mess governments make out of this sort of thing are hardly a ringing endorsement of their abilities to solve technological problems. All this makes you wonder if maybe the vendors see some way for themselves to gain from cybercrime legislation. Surely that’s not right…

Filed Under: ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Forget The Economy, Security Vendor Says Cybercrime Is The Real Threat”

Subscribe: RSS Leave a comment
6 Comments
Chris Brenton says:

Too funny

The “problem” is not the focus on the economy. The problem is that signature based anti-virus software is no longer effective in stopping attacks (application control or white listing is the way to go). Of course you can’t expect an AV vendor that makes a good chuck of $$$ from selling AV signature subscriptions to tell us that. The problem ***HAS*** to be somewhere else. 😉

Doug Woodall (user link) says:

RE:Cybercrime Is The Real Threat

Sadly, the typical user wants no part of educating themselves about online safety. They are poorer now, cant go out to party and theres nothing on TV to watch.
So they surf, and eventually get infected and maybe even end up losing their personal data and having it used to empty what little they have in their bank account.

JustMe says:

The problem is the bad guys

Not the good guys. I’m a loyal reader of TechDirt and I participate in the discussions, but I am also frequently surprised at the amount of security vendor bashing.

Re: Carlo – who else is funding research in to cybersecurity problems? Of course the reports come from people with a product to sell, but the alternative is fewer research projects and less end-user education. Lighten up.

Re: Chris – sigs (AV, IDS, FW, etc.) have worked (to some degree) for 20 years. Don’t assume that it is all a conspiracy. Can *you* can come up with something better?

John Wilson (profile) says:

Re: The problem is the bad guys

In response to your response to Carlo, it’s being widely done in computer science departments of universities around the world.

In response to your response to Chris — you’re right that signature based detection will continue to be something that will help in the future the reality is that it doesn’t work at all for things like rootkits or botnets.

And one of the reasons that security vendors, McAfee always in the lead, are frequently releasing chicken little “the sky is falling” press releases which are duly taken up as evidence that something is actually going on by the computer press bloggers who, as it turns out, work for security vendors! (ZDNet being among the prize offenders of that sort of conflict of interest.)

Add to this that McAfee’s client software is slow, buggy and can’t even keep up with ClamAV, an open source project who are much better at identifying new threats than either Sophos or McAfee, as far as releasing up to date signature packages is concerned.

As far as on line security is concerned it’s going to take more than an AV package or a weak firewall(hello, Microsoft!) to protect you. It needs a proxy married to a good firewall that works both in and outbound, software like tripwire and montoring of servers and the OS kernel.

As for phishing and other attacks require user intervention we’re back to educating users again about these things.

I’m not talking about blaming the victims I’m saying they need to be armed with information to identify the attacks and deal with them.

As for government intervention in technology to make us “safer” I feel far more confident without that and far better able to respond that bureaucrats.

The other question is “why do open source projects do a far better job of security than commercial ones do”?

Oh, as the sooner security vendors stop running around screaming to high heaven that the sky is falling and actually develop and deliver decent product I’ll stop being cynical about them and their allies (employees, mostly, it seems, in the computer “press” on and off line).

ttfn

John

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...