Global Cyber Cop Hits Town, Says Hacking Is Passe
By Narayanan Madhavan
Bearded, wiry, with his eyes sparkling as he unfurls accurate sound bites, Bruce Schneier hardly looks like the master geek that he is. But his claim to fame is precisely that: Schneier has breathed passion, detail and a touch of evangelism to the business of computer network security, a dull topic even for those who need it badly.
The global cyber cop is the chief technical officer of BT Counterpane, the British telecom company's subsidiary that adds security layers and network patrolling to its business of building and managing computer networks. Schneier, who landed in Delhi to promote cyber security services targeting IT companies and call centers, believes hacking by cocky young men seeking short-term fame has given way to more methodical and dangerous cyber crime gangs that need checking.
"Hackers want to make a splash. Criminals don't want them. The new worms are better written, they are quieter and better targeted. The criminal worm will sit quietly and steal your passwords," Schneier told the Hindustan Times in an interview.
"We see worms target companies, we see worms for reconnaissance," he said. "The movement from a hacker environment to a criminal environment is the really big story." Schneier, who believes cyber security is increasingly about "economics and psychology" as much as computer knowledge, has been quoted as a cryptography expert by author Dan Brown of the hugely popular Da Vinci Code that helped the New York-raised expert get added brand value in a business few understand. Schneier has controversially strong views against electronic identity cards and computer voting machines. As a man who makes money from the fear of the unknown in computer networks, he sketches a scary view of the easy world of online shopping and banking.
Cyber criminals, he says, could lurk anywhere. "It is very international. We see extortion. It mostly happens against fringe industries like online gambling, online gaming, online porn," Schneier said. Expert disruptions of networks are now used to blackmail key websites into paying up to restore operations, much like highway robbery did in the old world.
"Because of the Internet, they can be anywhere. They come from Eastern Europe, South East Asia, Sub-Saharan Africa. They come from countries with bribable police forces and no extradition treaties. It is very hard to go after some of these criminals. I call this jurisdiction shopping," Schneier said. He offers some consolation for Indian business process outsourcing (BPO) firms, which are his potential customers. He says their data networks are as safe or unsafe as any other in the world, and location has very little to do with it. However, contractual obligations offer stronger security to customers of Indian firms than law enforcement, he adds.
So what do firms like Counterpane do? They monitor computer networks with their own tools and skills, and use their trained eye to bounce off attackers, who can steal passwords or identities and indulge in transactions or disruptions they can use to make money. In a lighter vein, Schneier likens his firm to the private security gangs used by railroad travellers in America's Wild West when lawlessness was rampant, like in some parts of Bihar today. "When we did our first advertising campaign in 1999, we used American Wild West metaphors, because it is like that," Schneier said.
Dan Brown's Cryptographer
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.