Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

In the real world, you only have to worry about the criminals in your city. But in the online world, you have to worry about criminals who may be located anywhere on the planet. Many hotbeds of online criminal activity are located in cities whose police forces are already overextended fighting “real-world” crimes and who lack the resources and expertise to investigate online activity. And in the past decade, the criminals themselves have changed. In 2003, all the malware was still being written for fun by hobbyists, but now it’s being produced by professional criminals, hacktivists, and governments who can invest big money to craft attacks that deliver massive payoffs.

What are the biggest threats?

Bitcoins

Bitcoins only have value when the transactions are confirmed by at least six members of the peer-to-peer network. Users who participate in transaction confirmations are rewarded with Bitcoins, a process that is called mining. As the value of a Bitcoin has increased, mining has become harder, because more people want to do it. Today, to make real money at mining Bitcoins, you need powerful computers — but those computers don’t necessarily have to be yours. Some of the largest botnets run by online criminals today are monetized by mining. So an infected home computer of a grandmother in Barcelona, for example, may be mining Bitcoins worth tens of thousands of dollars a day for a Russian cybercrime gang.

Cyber-spies

Companies and governments spend money on espionage. Cyber-spies use “trojans” and “back doors” to access data on their targets’ computer networks, remotely monitor them, and perform actions on them, such as keylogging to collect passwords or eavesdropping through the infected computer’s microphone.

The most effective method to protect data against cyber-spying is to process confidential information on dedicated computers that are not connected to the Internet. Critical infrastructure should be isolated from public networks.

 Exploits

Cyber attacks rely on exploitation of “vulnerabilities” — bugs in the source code of commonly used software — to infect target computers. When professional criminals and governments got into the cyber attack game, demand for new “exploits” greatly increased, and boutique companies sprang up to find and sell these exploitable bugs. Some U.S.-based defense contractors are openly advertising positions for people with Top Secret/SCI clearance to create offensive exploits targeting iPhones, iPads, and Android devices. As the U.S. has engaged in offensive cyber attacks on other countries, other countries have followed suit, creating a cyber arms race that will continue to increase demand for exploits.

Government surveillance

The two most important inventions of our time, the Internet and the mobile phone, changed the world — but they also have turned out to be perfect tools for the surveillance state. And in a surveillance state, everybody is assumed guilty. PRISM, one of the governmental surveillance programs unveiled by Edward Snowden, monitors people known to be innocent and builds dossiers on everyone based on their Internet activity. Because the U.S. is home to the most ubiquitous Internet services, search engines, webmail sites, browsers, and mobile operating systems, it can basically spy on the whole world at a level no other country can.

However, the same advancements in computing power and data storage that have made wholesale surveillance possible have also made leaking possible. Leaking has become so easy that that it will keep organizations worrying about getting caught in any wrongdoing, and maybe even force them to avoid unethical practices. The governments that watch over us know that we are also watching over them.

Read the full article here.

Mikko Hypponen, Chief Research Officer of F-Secure, looks at cybercrime and cyber attacks launched by nation states. He observes that in the last decade, there has been a shift in the perpetrators of this type of activity, with hobbyists having been replaced by new attackers: criminals, hacktivists and even governments.

 

3 comments. Share your thoughts »

Tagged: Computing

Reprints and Permissions | Send feedback to the editor

close

Views from the Marketplace are paid for by our key partners. All Views from the Marketplace have been approved by our team.

More information »

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me
×

A Place of Inspiration

Understand the technologies that are changing business and driving the new global economy.

September 23-25, 2014
Register »