Internet Insecurity

This broadcast talks about internet security. Basically there are ways for hackers to turn your computer into a 'bot'. This is where they can take control of your computer without you knowing it. They can then use it to flood a money making site (such as an online betting site out of Vegas) and lock it up by trying to access it at the same time with a huge amount of computers. It is then held hostage when they call you and ask for money in order for them not to do this.

Barret Lyon (one of the guests on the show) said he started fighting this type of crime by going to the business and fixing their networks. Now he has a company that acts as a heat-sink when this happens. When an large influx of users attacks a company's site, his company will filter out the ones that are bots and let the others through to the actual site. Now he wants to go after the actual hackers and "make them suffer".

One of the main contributors to this problem is pirated operating systems. These are illegal copies of operating systems that are downloaded off the internet. The operating system is not necessarily unsecured but they don't get the correct updates to stop the little hacker programs from being installed.

Mr. Lyon's company began to track these criminals all because Microsoft had a protocol called SNMP which is a tool to "look inside the computer's brain". This can be turned on or off by the user. They thought this would be a good way to hack a computer and used it to track down the control server for the bot computers where they finally found the Bad Guys.

They then began to chat with the hackers online and learning about them. After infiltrating them they used software to find out where they logged on from and what domain names they may be using and then tracked that to the registry where they could find names and addresses.

Even though there were huge investigations, many of the people that were caught where never really punished. They were more likely to be absorbed by the governments of the countries where they were located. The country (like Russia and China) can then use the same 'denial of service attack' on dissidents within the country and well as on foreign countries and companies whom they oppose. This could eventually lead to possible terrorist attacks that can disable systems within the US and even take down the electrical grid.

I'd wonder what has comes out of all of this. All this investigating to stop internet thugs has just pointed governments toward a great resource of hackers that work in their country. Fighting it has made the beast bigger and badder. This is common with many types of crime (prohibition, drugs, etc.). Do we continue fighting it by going after the criminals or should we just bolster our defenses?