http://www.zdnet.com.au/news/security/0,2000061744,39257210,00.htm By Munir Kotadia ZDNet Australia 23 May 2006 The head of eBay Australia's IT security has slammed the wider security community for making it difficult for users to learn about using the Internet safely, because they sensationalise online crimes and keep changing the names of potential threats. Speaking at the AusCERT 2006 conference in the Gold Coast today, Alistair MacGibbon, Australian director of trust and safety at eBay, told delegates that Internet-based crimes are no different to crimes in the real world. "There is nothing new about the Internet crimes we see and there is nothing new in the ways we have to fight them," said MacGibbon. "Hacking is breaking into someone's computer system and tampering with data or stealing it. Is it any different from so long ago when people would break into the store room and steal the files of a company?". MacGibbon said that in the online space there is obviously an issue with jurisdiction and also what the victim experiences, but essentially he said they were exactly the same crimes with the same motivations as in the offline world. One prime example of what confuses users is the constant name-changing when it comes to potential threats - such as phishing. "Phishing is about tricking someone into giving out details online -- like their password or their personal credentials when we know they shouldn't. Social engineering was about exactly the same thing. "We have phishing one day, spear phishing the next, deep sea phishing and puddle phishing. All of them are variations on a theme and none of them different to the other crime," said MacGibbon. "We sensationalise those crimes and make it much harder to educate consumers," he added. Even without the added hype, fighting crimes and educating the public on how to go about their business safely is not an easy task, said MacGibbon, who is a 15 years veteran of the police force and an ex-director of the Australian High Tech Crime Centre. As an example, MacGibbon cited murder rates, of which he said criminologists spend years trying to collect accurate data so it can be analysed and checked for trends. "Even with something as simple as counting murders we have spent years trying to do it. Why? Because the definition in the legislation is different. The definition in the forms that get ticked in the various agencies are different. So our ability to count that crime in the offline space is difficult," said MacGibbon. Munir Kotadia travelled to the Gold Coast as a guest of AusCERT. _________________________________ Attend the Black Hat Briefings and Training, Las Vegas July 29 - August 3 2,500+ international security experts from 40 nations, 10 tracks, no vendor pitches. www.blackhat.com
This archive was generated by hypermail 2.1.3 : Mon May 22 2006 - 22:48:26 PDT