During the Gartner IT Security Summit in Washington, D.C. this week, author Bruce Sterling commented that the Internet is a "god-awful mess," but few U.S. government officials are willing to take action against virus writers, spammers, and other scammers.
Disorder and corruption are winning on the Internet, and computer users need the U.S. government to crack down on the thieves preying on the Net, said Sterling, author of futuristic novels Heavy Weather and Islands in the Net and the nonfiction book The Hacker Crackdown: Law and Disorder on the Electronic Frontier.
"We had a digital revolution in the 1990s--now we've slid into digital terror," Sterling said commenting on current IT security. "Today's Internet is a dirty mess--its revolution failed. E-commerce was extremely inventive for a while, but the financing model was corrupt. There was poor governance in the financial systems, there was worse industrial policy; the upshot was a spectacular industry-wrecking boom and bust."
Sterling noted that most of the advancements in Internet commerce since the dot-com bust have been illegal, including spamming, identity theft, and account information theft. "If you advance into mayhem, that's not advancement, that's driving into a ditch," he added.
The recent arrests of a few virus or worm writers, including the 18-year-old German developer of the Sasser worm is a bit of good news according to Sterling but writers who are unsophisticated enough to get caught are not what concerns him; Sterling’s focus is on the authors of such viruses and worms as Slammer, Code Red, and Witty who haven’t been caught.
The Witty worm targeted users of the products of a premier IT security company, Internet Security Systems, while the authors of Bagel and Mydoom turned infected computers into spam-factories, Sterling said. "Bagel and Mydoom are the future of virus-writing because they have a business model," he said. "Those are organized crime activities. . . . These are crooks."
Sterling predicts that virus and worm writing will grow as a weapon for terrorists and warring nations. Terrorists operating in places with little central government control will begin to see cyberterrorism as an effective weapon because of a lack of international cooperation on cybersecurity enforcement, he said.
"This is the birth of a genuine, no-kidding, for-profit . . . multinational criminal underworld," he said. "I don't see any way it can't happen. We're going to end up getting pushed around by bands of international electronic thieves in a very similar way to the way we've been pushed around by gangs of international Mafia and international Mujahideen terrorists."
The new tools of terrorists and criminals will be "oil, narcotics, guns, and broadband," he said.
With cyberthreats likely to rise, the U.S. government needs to focus on enforcement of existing laws, including antifraud laws, Sterling said.
Instead of weak laws, such as the CAN-SPAM act passed by congress late 2003, the U.S. government needs to sponsor a multistate computer-crime task force that enforces existing laws, he said. He also recommended that the government publicize the names of spammers and other Internet scammers on a Web site
Sterling also praised parts of the National Strategy to Secure Cyberspace, released by the Bush administration in February 2003, which recommended that nations work together to combat cyberthreats. But the strategy is likely to go nowhere after former Bush cybersecurity chief Richard Clarke criticized his former boss' counterterrorism efforts in a book released earlier this year, Sterling said.