Upload
ian-brown
View
1.570
Download
1
Tags:
Embed Size (px)
DESCRIPTION
Presented at 'The Information Intensive Society', London, 15 Oct 2009
Citation preview
Dr Ian Brown, Senior Research FellowOxford Internet Institute
Availability & integrity of Critical National Infrastructure
Protection of confidential information Manageable levels of fraud …all in cost-effective form, where costs
include inconvenience, enhancement of fear, negative economic impacts & reduction of liberties
Highly efficient criminal economy has sprung up (bot herders, coders, mules, phishermen)
Phishing (Symantec detected 55,389 phishing website hosts in 2008) – with increased targeting
Compromised machines (Symantec observed 75,158 bots/day)
Anti-Phishing Working Group Q2 2008 report
Internet Crime Complaint Center 2008 Annual Report p.3
Symantec Internet Security Threat Report 2009 p.10
Appropriate resourcing for law enforcement Fund security R&D, where appropriate with
INFOSEC agency participation Use procurement, licensing and
standardisation power to require significantly higher security standards in systems and services
Use diplomacy to pressure state actors behind Russian Business Network, DDoS attacks, classified network incursions etc.
House of Lords concluded liability should be shifted to some combination of software vendors, ISPs and financial institutions
Intended to incentivise innovations such as RBS off-line consumer card terminal