互联网监察系统制止网络犯罪,保障网络安全(在线收听

Internet Watchdogs Struggle to Keep Pace

with Online Criminals

互联网监察系统制止网络犯罪,保障网络安全

 

It is mid-morning at the Internet Storm Center, an emergency response team strictly run by volunteers. They are studying data coming from sensors in thousands of other computers around the world, looking for suspicious activity online, or trends that spell trouble.

 

Marc Sachs is the center's director.

 

Marc Sachs: We can quickly see this spike, as we call it; we could look at that spike and within minutes, can see an outbreak of a piece of malicious code or worm or other type of activity.

 

If malicious code is detected, the word is quickly put out on line, and like a swat team, different international public and private groups which act as computer emergency response teams, or certs, move in to help control it.

 

Marc Sachs: Today most countries now have national certs, national computer emergency response teams, and most universities have certs. Most large businesses have cert teams and cert cc [Coordination Center] continues to be the coordinator of thousands now of these emergency response teams.

 

When the Internet was first built, there was little need for emergency Internet response teams looking for malicious activity or cyber crime. In those days everyone online was assumed to be a "good guy."

 

Marc Sachs: That mutual trust defined the different protocols, the different systems, the different applications we using today.

 

Things have changed dramatically since then -- there are now nearly a billion users online -- yet the network still works on that "trust" system. Not being able to verify who is on line is one of the Internet's major wiring flaws, and it presents an ideal world for cyber criminals.

 

Dan Larkin is chief of the FBI's Internet Crime Complaint Center.

 

Dan Larkin: I wish that's the attraction of the Internet. It's obviously broad. It allows the bad guys to expand the scope of their schemes, and scope of their ability to make money from their schemes and to be anonymous.

 

One popular cyber scheme involves manipulating the network's domain system, to redirect users to sites they don't even know they are visiting. On the screen, it looks like they have clicked on, say, their bank's site, but it is often a fraud.

 

Michael Nelson is Vice President of Policy at the Internet Society, an organization which helps to set Internet standards.

 

Michael Nelson: People are going to these websites, typing in their credit card and their name, password, and losing thousands of dollars.

 

Identity theft is a multi-billion dollar industry, and the IT world is working on ways to require positive identification by users. Smart cards, which act as ID's are one such answer.

 

Smart cards: You go to the computer you'll be able to slip this in a computer to verify that you are who the computer thinks you are. You can also do this with fingerprints, we now have laptops that have a $50 fingerprint reader that can verify that you are there, that it's really you.

 

But cyber criminals are skilled in technology and are constantly finding ways to manipulate the system.

 

Marc Sachs: We don't know where these guys will go next. It's completely up to the creative minds of the attackers as to what's next.

 

For FBI agents like Dan Larkin, keeping one step ahead of the "bad guys" has meant changing the way law enforcement traditionally does business. Today, the FBI cyber division works with academic and commercial groups…all experts in the field.

 

Dan Larkin: The thing we try to do is to tap them (experts) to open our doors to those intelligence and subject matter experts and bring them into the fold as an extension of our international cyber task forces.

 

Another major change has been to involve the public. In the past, the FBI kept things quiet while they worked to build a case.

 

Dan Larkin: It's going to be a two prong approach: we're going to try to keep empowering the consumer on what the problem is and at the same time, hopefully aggressively, go after the bad guys.

 

Both the FBI and the Internet Storm Center have websites to keep the public --individuals and businesses -- aware of the latest cyber schemes. They also offer tips and technical assistance.

 

At the very least, there are some basics to keep in mind.

 

Dan Larkin: Keep your software updated, run anti-virus, have firewalls, just normal common sense things you need to do. Industries need to make sure they've got good policies in place.

 

On the day we visited the Internet Storm Center, the state of cyber space seemed to be relatively calm. But when the next cyber storm does hit, this and other groups will be fighting it.

 

Nahedah Zayed, VOA news.

 

注释:

suspicious [sE5spiFEs] adj. 可疑的;引起怀疑的

spike [spaik] n. 钉子(此处指网络病毒或恶意代码)

malicious [mE5liFEs] adj. 怀恶意的,恶毒的

cyber crime 网络犯罪

protocol [5prEutEkCl] n. 协议

scheme [ski:m] n. 阴谋

anonymous [E5nCnimEs] adj. 匿名的

manipulate [mE5nipjuleit] vt. (熟练地)操作,使用(机器等)

domain [dEu5mein] n. (活动的)范围

fraud [frC:d] n. 欺骗,欺诈行为

fingerprint [5fiN^Eprint] n. 指纹,手印

laptop [5lAptCp] n. 便携式电脑

task force 特别工作队

  原文地址:http://www.tingroom.com/voastandard/2005/10/19980.html