Friday, October 29, 2010

"This site protected by cyber privateers"

Computerworld, 28 October 2010 - Adobe today confirmed that hackers are exploiting a critical unpatched bug in Flash Player, and promised to patch the vulnerability in two weeks. 

Yesterday's Computerworld story brought my fantasy cyber privateer team to mind. The question for today: Would cyber criminals be much less inclined to exploit published vulnerabilities if they knew some highly motivated cyber privateers were ready to pounce on them? What if that little old lady from Pasadena—with her banking passwords in her computer's address book and who logged into an infected site—turned out to be the Destroying Angel group? Maybe the privateers would leave a calling card after draining the bank account of a much larger parent criminal organization:

Dear Bad Guys:
Mabel Johnson's bank account was

Admittedly, Destroying Angel is my own alter ego creation, named after a novel I wrote back in 2000. I envisioned a computer genius named Black Madonna who spoke only in palindromes and created a self-aware cyber entity named Black Dragon. Hence comes the name under which I post on this blog: Destroying Angel. I even had bicycle racing jerseys printed up with my Destroying Angel logo on the back. And of course I own the domain: Maybe someday it'll be worth something.

Now consider the plight of Adobe. They have a known Flash Player flaw. It's going to take them two weeks to plug it. What a nightmare for corporate management, not to mention millions of Web sites who rely on Flash. What if those sites had a similar logo to the one above discretely located on their landing pages? What if Adobe products themselves also had such a warning label? It doesn't stretch the imagination to project a follow-up news story in which a large amount of money was confiscated from the bank accounts of a dozen Chinese college student/hackers before they could empty their accounts. Would this be valuable, today, for Adobe? 

Back to the first-mover advantage of a country that legalizes and welcomes cyber privateers. Not only would the cyber privateers pump a fortune into their economy, but every major software provider or Internet superpower in the world might establish a de facto home office in that first-mover country. Along with a first-mover financial institution who wanted to write "bonding insurance policies" for recognized cyber privateer organizations. 

You get the picture. The first country that moves on this wins big. I kind of hope it will be the United States. But crackie! Australia makes sense, too. Any other countries come to mind?

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?