While companies are still trying to figure out how the cloud will benefit them, cybercriminals have already figured it out. They managed to infect so many computers that they have more computing power at their fingertips than all the world’s supercomputers combined.
Do they use it as a weapon of mass destruction? No, and why should they? Shutting down webpages is not the number one attack scheme. Okay, you could hold the website owner for ransom, but there are more subtle ways to make money through cybercrime. On PCs, and sometimes on Macs, we see a lot of DNS changers, keyloggers, and other kinds of badware, intercepting the Internet traffic and fiddling around with it. One cybercrime group in Eastern Europe, for example, is changing 1.3 million web banners per day and rerouting 10 million Google Toolbar requests – that’s what you could call “Creative Marketing”. And not only this: guys who are visiting sites with, shall we say, “adult” content are confronted with fake warnings, telling them that they are infected… over 100,000 users see this message per day, with a good deal of them then downloading a Fake AV program, and even willingly paying money for it. And one might ask: Will they only use credit card information to withdraw the $49.95, or will they be more creative?
The internet has been used for years for malware activities, nothing new. What is amazing is how sophisticated the attackers are, how skillful they are at creating resilient networks, and how they always lure victims into their spider web. No amateurs anymore, so it is indeed a dark cloud, as Uri Rivner blogged recently: http://www.rsa.com/blog/blog_entry.aspx?id=1508.
Is the average user aware of the dark cloud? I don’t think so. A recent botnet study from Trend Micro shows that some computers remain infected (or are reinfected all the time) for years. Okay, most of these computers are used by home users, but 25% of the infected machines are within companies.
Question to the ISPs: If Trend Micro is able to detect malicious behavior from certain IP addresses, wouldn’t it be nice to work together to inform users about it? In a non-intrusive way, like from time to time a redirect to an informal “You are infected” page. Wouldn’t this reduce the amount of spam? Wouldn’t this make the Internet a better and safer place?
It should be the collective responsibility of ISPs, companies and individuals to fight back. And not only with security products, but on a larger scale. Better-hardened computer systems, responsible ISPs, and sensitive users who accept that the Internet has its dark side, and that it is up to all of us to change this.
Only a minority of the Internet is bad, and it is in our best interest to ensure that the “Dark Cloud” gets smaller and smaller. Even though our cars nowadays have all kinds of safety features, like seatbelts, airbags, etc., we still need lessons to get a driver’s license to drive a car. Do we need a kind of driver’s license for the Internet? I bet the moment you read the last sentence you thought about censorship. But ask yourself: We accept driver’s licenses because cars can damage property and hurt people if not used properly. Many of us would like to see more control over financial systems because they have ruined people.
If the dark cloud gets bigger, you and I will stop doing online transactions over the internet, we will be more careful surfing, and sooner or later we won’t move and explore freely anymore because it is too dangerous. So isn’t it better to apply a little more control now before it’s too late?