Ross Anderson, professor at Cambridge and one of the world’s leading experts in cybersecurity, warns about the dangers of the lack of control of crime on the internet.
It is a simple crime. You have to post on several websites ads to rent a flat in a city with little offer and a lot of movement. The photos should be beautiful and the price very affordable. And ask for money to “block housing” to the first ones who write.
Online crime is growing
Thousands of people sting each year. In 2015, in the United Kingdom, 3,200 people searching for houses called the police. The Association of Local Governments believes that this figure is only 5% of the victims. It is a scam of hundreds of millions of euros per year.
What did the police do when they took the evidence? “Nothing,” says Anderson
Ross Anderson is one of the biggest experts in online crime. His book Security Engineering, 1,500 pages (or 17 megabytes), came out in 2001 and in 2020 he will release his new third edition. It is one of the bibles of the subject. The team that works with him discovered the origin of one of these floor scams. He was in Berlin and he got between 5 and 7 million pounds a year, half with ads in London.
What did the police do when they took the evidence? “Nothing,” says Anderson. “This is organized, fat crime, this guy in Berlin makes a lot of money, we went to talk to the police in London, who are investigating frauds of two or three million pounds and say they will not do anything if it’s online. Abroad.”
An online search of this flats scam returns dozens of links about cases, inquiries and complaints, including one from the Cambridge police on how to detect it. But there is no stopping.
“Online crime is not sexy nor does it raise enough fear. It’s not like terrorism or child pornography”, says Anderson. Although their statistics do not stop rising, the society at the moment can coexist with these crimes. “The [British] ministers do not want to know anything about ordinary fraud, it is not interesting enough, but it is the majority of the crimes that are committed” Anderson explains during a recent visit to Madrid to give a talk at the Ramón Areces Foundation .
“Governments continue to boast of how good they are in the fight against crime but ignore online scams”
The disinterest in these crimes will remain as long as they are not too expensive. “What has happened in the last 10-15 years?” Asks Anderson. “Crime has jumped on the Internet, governments continue to boast of how good they are in the fight against crime but ignore online or electronic scams, bank fraud and so on.”
Anderson talks about online crime with the naturalness of a biologist who describes the behavior of an animal: that’s how it works, no more. It links examples of common crimes with computer feats with pioneering samples in the 1980s that later became habitual. Just shut up: it’s like a trovador of online crime. The variety of crimes is immeasurable. And it seems so easy.
Children who cheat
It is even easy to start. A recent novelty is to use a denial of service attack in online games. That type of attack consists of sending millions of visits to a website to knock it down. It was used a lot to prevent a web from being visible for a while. Now online players use it to launch a small attack against their opponent to leave a few seconds out of the game and win.
Anderson’s team observes the kids who use these resources – which cost a few dollars in “supermarkets of evil” on the Internet – to understand the future “ways of crime”: “We see how a child goes from being a cheater to gamer. someone who buys a service denial service to kill his rivals, it’s the initial drug, like someone who starts smoking hashish at school. ” It could be the beginning of major crimes.
There are every day examples of crime online under the media radar. The city of Baltimore has kidnapped its online services since May 7 for a computer attack that asks for a reward. There is no way to pay bills, use the official email and many of the phones. Baltimore officials have recovered the role. In 2018 it happened in Atlanta and the insurance paid the damages. Similar cases against private companies do not come to light.
The Mercedes of a dictator
Online crime scaled fast. Not only to go from winning online games to millions of dollars, but also as a geopolitical tool. It’s hard to imagine the options, but that’s what Anderson is for. When cars are all software, what will prevent a government from requiring one of its companies to block the cars of a rival government that receives sanctions: “Software updates can be used as a diplomatic tool,” says Anderson. “All the Mercedes that a dictator has given to his henchmen can be blocked.”
Cyber attacks can also strain malware in cars. A virus in a car can allow a terrorist hiding in a remote country to turn right and accelerate thousands of vehicles moving in the United States: “This is something that has been proven for years,” he explains. Lawmakers should force manufacturers to continue updating their models’ software for years to avoid having machines full of security holes on the roads.
Instead of “throwing a bomb in Los Angeles”, someone can hack all the air conditioners
Not only the cars, but also the air conditioners and all the new smart pots that will fill the homes: “One of the things that you have to explain to the manufacturers is that they must take the safety patches seriously because an air conditioner is basically a box of Linux with peripherals, once you connect it to wifi, it’s hackable. ” And if it is hackable, instead of “throwing a bomb in Los Angeles”, someone can hack all the airs of a brand and “turn them off and on and off and turn them on without anyone knowing who has done it until it destroys the electrical network and leave half of Americans without electricity. ”
The original problem is that the internet was built like this because of the rush. “In the software and information industry, a lot of money is made from network effects, and the hurry of companies like Microsoft or Facebook to be the first left many security flaws open for years,” explains Anderson. Hence, the priority has always been “launch a product in version 1 to be the first and we will fix it in version 3,” he adds.
The consequences of all this is that the systems, the structure is now weak: “This is how the world works, we decided to create a world in which the internet services for each individual were not so good”.