Richard Clarke talks cyber crime
December 9, 2011 —
(Page 1 of 3)
Software developers will play a greater role in ensuring enterprise security in 2012. Enterprise IT departments are no longer the only folks on the hook for locking down corporate networks.
Richard Clarke, former chief counter-terrorism advisor to the president and author of the book “Cyber War,” said that the threat landscape is changing. The actors are varied in their trade and more innovative. He pointed out that criminals are becoming very talented at breaching networks through Web and third-party applications. The advent of the cloud and its inherent multiple environments can leave backdoors unintentionally open, making them even more enticing.
This means that software development managers must begin testing their applications as thoroughly as IT tests its security infrastructure. These changes, along with the ramifications of impending government legislation, will significantly affect how developers look at application testing.
In a recent industry vendor-hosted webinar, Clarke, who has 19 years experience in the Pentagon, the White House and the State Department, called 2011 "The Year of the Breach." Stories of attacks flooded the news. He described them as being tossed into the media melting pot, and spit out like they’re all one type of attack or from one attacker.
But, he pointed out, “They’re not the same. It’s not all big, bad China, all 1.3 billion Chinese attacking us. It’s important to distinguish among the actors and attacks. You can’t respond in a generalized way to the ‘Year of the Hack.’ You must respond to the specifics of who’s attacking and how you’re being attacked.”
Four kinds of crime
Clarke invented an acronym, CHEW, to describe the four pre-eminent types of attacks as he sees them.
C stands for crime. Cyber crime accounts for more revenue than international cartel drug income, claimed the U.S. Treasury. Income estimates run in the hundreds of billions per year. Cyber crime used to revolve around stealing credit card numbers, but now they’re hacking into companies and taking over Accounts Payable. For example, in the Coreflood case, criminals cut checks to themselves, for US$150,000 and up, to offshore banks in the Cayman Islands.
Related Search Term(s): cyber crime, security
Share this link: http://sdt.bz/36176
Most Read Latest News Blog Resources
Virtualization: Not just for machines anymore
Network virtualization allows multi-tiered applications to behave as though they were in a physical network
|
|
Zeichick’s Take: The handheld and the tablet, circa 1976
Texas Instruments' and Hewlett-Packard's calculators were doing things decades ago we take for granted today
|
|
Google talks tools at AnDevCon III
New 3D debugging tool and recent ADK changes are detailed by Google developers at the third Android Developer Conference
|
|
Android is the focus of two new design tools
Anywhere Software and Xamarin provide ways for developers to create and test their applications on PCs
|
Virtualization: Not just for machines anymore
Network virtualization allows multi-tiered applications to behave as though they were in a physical network
|
|
Achievements and learning: Gamification comes to businesses and schools
Startup takes page from gamers by offering achievement marks to get developers more engaged in their projects
|
|
Google talks tools at AnDevCon III
New 3D debugging tool and recent ADK changes are detailed by Google developers at the third Android Developer Conference
|
|
SmartBear rolls out new quality solution: API Complete
Software gives organizations ability to write test scripts and monitor APIs by bridging the DevOps divide
|
Creation
To write better software, cultivate your ability to be creative.
|
|
Slick...but who needs it?
compilr.com is a well-designed site and the folks behind it seem to have their heart in the right place. But...who needs it?
|
|
How to be a better software developer
Want to be a better developer? You won't get there by mastering an interesting language or learning a new set of APIs.
|
|
Wooing Galatea
Do yourself a favor and check out Galatea 2.2, a wonderful book by novelist Richard Powers.
|
Five SCM Best Practices
Two-thirds of all software projects fail, according to the Standish Group’s CHAOS study. Improper usage of software configuration management...
|
|
|
Best Practices for Branching and Merging Patterns
Development teams often create a branching pattern, usually drawn out on a white board or in a Visio document, that is used as a model to...
|
|
Automated Error Reporting
We invite you to read a short e-zine that tells you all about automated error reporting for .NET applications. This 8-page e-zine is packed...
|
|
The End of Application Redeploys
Imagine that every time you wanted to write, send or receive an email, you needed to restart your computer. How much time would this take, a...
|