It's official: badware is a problem
Posted by Maxim Weinstein
It’s been a busy week for declarations about how bad a problem malware and cyber security are. "Thieves Winning Online War, Maybe Even in Your Computer" declared the New York Times. "U.S. Is Losing Global Cyberwar, Commission Says," announced BusinessWeek, referring to a Center for Strategic and International Studies report that, among other things, concluded that "cybersecurity is now a major national security problem for the United States." And security firm F-Secure labeled 2008, "Another record breaking year in the growth of malicious software."
Unfortunately, there is some justification for the negativity. There is plenty of evidence that malware has become more technically sophisticated, that the criminal underground has become more developed, and that botnets can be effectively harnessed for targeted attacks against critical resources. We must, as a society, take these threats seriously and work collaboratively to address them.
That said, there is also reason for optimism. All three major U.S.-based search engines (Google, Yahoo!, Microsoft Live) now provide proactive warnings to users about known malware (and, in some cases, phishing) sites. So does the second most popular web browser (Firefox), and Internet Explorer is integrating such a feature in its next release. In the U.S. and Europe, public outreach campaigns have started to make users aware of the dangers of phishing, even as the messaging industry has worked together to reduce the amount of spam that reaches users’ inboxes. Law enforcement has recently busted some large Internet fraud rings, even as independent security researchers have brought down hosting providers and registrars alleged to have been complicit in harboring dangerous websites.
Even with these successes, we have a long way to go. This will require cooperation and communication, at unprecedented levels, amongst businesses, governments, security researchers, and the general public. It will also require StopBadware.org and others to continue innovating in how we harness the power of the Internet to help preserve what’s great about the Internet.