Money Earner

April 10, 2008

Zombie Computers

Filed under: Business, Technology

SAN FRANCISCO — Gangs of thousands of zombie home computers grinding out spam, committing fraud and overpowering websites are the most vexing net threat today, according to law enforcement and security professionals.

Today’s botnet herders have hundreds of thousands of computers at their command and use technically sophisticated ways to hide their headquarters, making it easy for them to make millions from spam and credit card theft. They can also be used to direct floods of fake traffic at a targeted website in order to bring down a rival, extract protection money or less frequently, used to make a political point in the case of attacks on Estonia and the Church of Scientology.

Security pros and government officials are now describing the latter attacks, known as Distributed Denial of Service attacks, as serious threats to national security — turning  packet floods against public websites into the latest face of "cyberwar" hysteria.

Hence, the appearance Tuesday of a panel discussion at the RSA 2008 security conference entitled "Protecting the Homeland: Winning the Botnet Battle," which was marked by a mix of resignation, indignation and post-9/11 rhetoric.

Ronald Teixeira, the executive director of the non-profit National Cyber Security Alliance and the panel’s moderator, began the discussion by describing botnets as "one of the largest threats we face on the internet today, and they can be used to attack critical infrastructure."

The Department of Homeland Security’s representative Jordana Siegel, who works on public awareness at the National Cyber Security Division, echoed the line that botnets were a imminent threat to the nation’s security.

Citing the attacks on Estonia last year by Russian nationalist hackers, Siegel said botnets can "disrupt an internet-reliant society," saying that the temporary takedown of Estonian newspaper and government websites "nearly crippled the country’s cyber infrastructure." Earlier in the day, Homeland Security chief Michael Chertoff leaned on Estonia as evidence of the need for a federal government "Manhattan Project" for computer security.

Siegel said the DHS is working at fighting the problem, citing the annual October National Cyber Security Awareness month, which she said helped Americans learn that "all users need to practice safe online behavior."

McAfee’s Joe Telafici, a vice president in their security lab, lamented the ease with which botnet herders can abuse domain registration services and the low cost of e-mail, which make the economics of online crime very attractive.

"We are seeing a model that is so economically viable that trying to tell the kids it is a bad thing to do is bound to fail," Telafici said, suggesting that botnet herders outnumber the 15,000 or so attendees at RSA. "Even if you don’t have a computer, you are paying money to someone for the cost of dealing with the security ramifications."

FBI agent Matthew Fine cited two recent takedowns of U.S.-based botnets, operations dubbed Bot Roast, as an example of how the FBI is dealing with botnets. Fine declined to speculate, however, on whether the arrests actually put a dent in overall online criminality.

"I get paid to put bad guys in jail," the flat-topped Fine said, but he noted that as soon as one botnet herder was prosecuted another takes his place. 

"It is a boulder coming down the hill and I am trying to keep it from getting to the bottom," Fine said.

Fine hopes Congress will step in with tougher criminal penalties for botnet runners, but noted that judges were now handing out substantial sentences of four to five years in cases brought to them by the feds.

Ira Winkler, a security consultant known for his outspoken ways, countered that this was all just caterwauling and that if the country thought that botnets were a real problem, ISPs and individual users would be held responsible for zombie machines.

"The problem is no one is doing anything," Winkler said, proposing that users be fined or blocked if their computer is infected.

"Guess what? If your system has a bot on it, you don’t get on the internet," Winkler said, summarizing his proposal.

"We need to hold people responsible when they present an imminent threat to other people," Winkler said to wide applause from the audience. He contrasted the lack of computer regulation to laws preventing unsafe cars from taking the road.

Sparing no target, Winkler went on to ridicule DHS’s awareness efforts as useless, and argued that the highest levels of government don’t care about computer crime, citing the ability of a Russian cyber-criminal group known as the Russian Business Network to remain free.

"When they start putting the RBN in jail, then I will be impressed," Winkler said, noting that would require the feds to put pressure on the Russian government to stop protecting the gang — not an easy task.

Still, Winkler argues, that’s doable with political will.

"When the U.S. government wants to get things done, they know how to put people in jail."

So what really is the threat to the so-called Homeland from zombie computer armies?

When asked by Threat Level, the panel came to a split decision.

"Terrorism with botnets is overrated," McAfee’s Telafici said. "But if you are looking at the economic burden of botnets, we could probably do without it."

Winkler suggests that botnets could be used in tactical small attacks, including, perhaps, inflicting minor power outages.

DHS’s Siegel defended the use of overheated rhetoric, saying that temporarily unavailable government or financial websites would erode public confidence.

Missing from the panel discussion was any in depth talk about real solutions.

For instance, ISPs can easily learn or be told which of their customers has an infected computer, but due to the customer support costs of cutting off a zombified user — angry phone calls, confusion — they tend to do little.

Also not talked about are changes in internet governance that punish known domain sellers and ISPs that favored by online criminals for their lax policies.

March 3, 2008

Ways to be promoted

Filed under: Business

If a promotion is one of your goals for the next year, are you doing everything you can to make it happen?

It would be nice if hard work and talent would automatically lead to a job with more pay, more responsibility, and a better title. But in most cases, it takes more than that to move to the next level.

Make Yourself Known

Look at the job you’d like to have a year from now. Who selects candidates for this position? Who does that person work with and ask for advice?

"Then you systematically sit down and think about how you’re going to make contact," says Helen Harkness, founder of Career Design Inc., in Dallas. There are lots of ways to do this. You can volunteer to serve on a committee with the people you need to know, for example. You can forward them articles or information that relate to their expertise.

Help Your Boss Succeed

Often, your boss is the person who will decide if you’ll be promoted. But even if not, your boss will almost certainly be consulted. So impressing your boss is a top priority.

Marianne Adoradio, a recruiter and career counselor in Silicon Valley, suggests focusing on your company’s key goals, then talking with your boss to find out which are most important in your department. "It’s really important to be aware of what is going to make your boss successful, what is most important to him or her."

Start Doing the Job

You don’t want to stage an office coup and start making personnel decisions that are your boss’ responsibility. But you need to show that you can work at a higher level than your current position.

"People are easily promoted when they show that they can already do parts of the job they want to move into," says Steve Levin, principal of Leading Change Consulting & Coaching, in Portola Valley, California. "If you want to move from being a manager to a group manager, start taking on responsibility for what a group manager does. Start thinking like they do."

Then you can make the case that "I’m already doing the job; I just need the title."

"That’s pretty irresistible to your boss," Levin says.

Have a Plan B

Many people think there’s a system in place at work that will take care of them and their career path, Harkness says. "They expect it to happen 1-2-3, automatically. They do the right thing, and they’re going to get that promotion. It doesn’t work that way."

In fact, Harkness says, it can happen that "you do everything you’re supposed to do and it doesn’t work." It’s important to understand that the workplace is uncertain — and to know what your backup plan is if you don’t get the promotion you want.

If the promotion was a stretch and your boss is encouraging even while turning you down, it may be worth spending another year gaining experience. But you may also want to explore career options outside the company.

March 1, 2008

US economy skids to near halt

Filed under: Business

WASHINGTON - The economy skidded to a near halt in the final quarter of last year, clobbered by dual slumps in housing and credit that caused people and businesses to spend and invest more sparingly.

The Commerce Department reported Thursday that the gross domestic product increased at a scant 0.6 percent pace in the October-to-December quarter. The reading — unchanged from an initial estimate a month ago — underscored just how much momentum the economy has lost. In the prior quarter, the economy clocked in at a brisk 4.9 percent pace.

Gross domestic product measures the value of all goods and services produced in the United States and is the best barometer of the country’s economic health.

"The economy just kept its head above water," said Nigel Gault, economist at Global Insight.

Economists had thought the newly released fourth-quarter GDP would have been bumped up to a 0.8 percent growth rate. But the housing picture looked even more bleak in the new report.

Builders slashed spending on housing projects by a whopping 25.2 percent on an annualized basis in the fourth quarter, the biggest cut in 26 years.

And even though economic growth slowed, inflation picked up — an ominous mix that could spell further trouble for the economy.

As if the newly confirmed fourth-quarter GDP figure of 0.6 percent wasn’t chilling enough, the Labor Department reported Thursday that new applications for unemployment insurance benefits rose by 19,000 to 373,000 last week, more evidence that the general economic sluggishness is spilling over into the job market.

On Wall Street, the latest batch of economic news rattled investors. The Dow Jones industrials closed down 112.10 points.

Fears have grown that the country is heading for a recession or is already in one.

The National Association for Business Economics expects economic growth in the current January-to-March quarter to slow to a meager 0.4 percent pace. Some analysts believe the economy’s performance could be even worse and actually shrink during this period. Under one rough rule, the economy would have to contract for six months in a row for the country to be viewed as in a recession.

Concerned that the problems could intensify and further hurt the economy, Federal Reserve Chairman Ben Bernanke made clear he stands ready to lower a key interest rate again. The Fed, which started cutting interest rates to bolster the economy in September, has turned much more aggressive recently. In eight days in January, the Fed slashed rates by 1.25 percentage points — the biggest one-month reduction in a quarter-century. Rates are expected to move lower at the Fed’s next meeting on March 18.

Bernanke, however, is hopeful that previous rate reductions and the $168 billion economic aid plan of tax rebates for people and tax breaks for business will energize the economy in the second half of 2008.

A gauge of inflation linked to the GDP report showed that "core" prices — excluding food and energy — grew at a rate of 2.7 percent in the fourth quarter. The inflation reading — although unchanged from the government’s initial estimate — showed that inflation had picked up sharply from the third quarter’s 2 percent pace.

The inflation figure is above the Fed’s comfort zone — the upper bound of which is a 2 percent inflation rate.

Given rising inflation and a slowing economy, fears are increasing that the country may be headed for a bout of stagflation, a scenario the country hasn’t experienced since the 1970s.

Even though Bernanke has made clear the Fed’s top priority — for now — is trying to get the economy back on track, he also says he remains mindful of inflation risks, especially from high energy prices.

Oil prices reached a new record Thursday of $102. 59 a barrel. High energy prices can spread inflation by boosting the costs of a wide variety of other goods and services and can put a further damper on overall economic growth by crimping consumer spending.

Consumers boosted their spending at just a 1.9 percent pace in the fourth quarter. That was down slightly from the government’s previous estimate and marked a pullback from the third quarter’s 2.8 percent growth rate. Consumer spending accounts for a big share of overall economic activity and thus is a major factor in how the economy fares.

Business spending on equipment and software grew at a 3.3 percent pace in the final quarter of last year. That was lower than the government’s initial estimate and marked a deceleration from the third quarter’s 6.2 percent growth rate.

There was a bright spot in the report, however.

Sales of U.S. goods and services to other countries grew at a 4.8 percent pace in the fourth quarter, better than previously estimated. U.S. exports have been helped by the declining value of the U.S. dollar, which makes U.S. goods less expensive on foreign markets. The U.S dollar dipped to another record low on Thursday in Europe.

For all of 2007, the economy grew by 2.2 percent, the weakest showing in five years. That estimate also was not changed from an earlier reading.






















Get free blog up and running in minutes with Blogsome
Theme designed by Helga Cleve