RSA 2008: malware expert considers future of cybercrime

What keeps a world expert in malware awake at night?

For Dan Hubbard, vice-president of security research at Websense, it is the confluence of old and new criminality with the capability to deliver devastating attacks on critical national infrastructure.

It is all about costs and benefits, and criminals are no different from legitimate businesses in this respect, Hubbard said. "The old criminals are learning from the new ones how to launder stolen credit cards, and they are learning how little risk they face of being caught," he said.

The old criminal gangs have a lot of money that they can plough into cybercrime, which is potentially much more profitable than traditional forms of crime and is less risky, he said.

"Wherever there is money, there are people willing to exploit the prevailing circumstances," Hubbard said. As more companies go online, there is greater commercial incentive as well as more opportunity to exploit gaps in the technology and processes, he said.

Extortion and blackmail have been updated, thanks to botnets and distributed denial-of-service attacks, Hubbard said. The possibility of these same attacks being used to target critical national infrastructure such as energy and water supplies is deeply worrying, Hubbard said.

"We [in the West] have not yet seen a big attack on infrastructure of the scale of a 9/11 or Estonia," he said. "But Estonia is a small country and their network skills are very high. There is no knowing what could happen here," he said.

He expected the situation to worsen as the elements that control critical national infrastructure become more connected and integrated. But there are still a lot of old legacy systems that are not - and might never be - connected, he said.

So far the US government's response was to play catch-up, he said. "The government cannot compete on pay. People who join the FBI and Secret Service get a lot of good case experience and then leave for double the pay in the private sector," he said. In addition, there was a "talent problem" caused by commitments to the Iraq war, he said.

He was optimistic that international co-operation, especially on criminal cases, was starting to work and to show results. "It is not frictionless by any means, and the penalties are disproportionate to the damage attackers cause, but there is progress."

Hubbard said politicians and lawmakers needed education. "[Cybercrime] is a complex issue and the level of naivete is very high," he said.
