North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: A couple or advanced references...
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Steven M. Bellovin" <[email protected]> wrote: >> >> Credit card fraud was the most common form of reported identity >> theft at 23 percent, followed by utilities fraud at 18 percent, >> employment fraud at 14 percent, and bank fraud at 13 percent. >> > >Right, but that may or may not have anything to do with the Internet; >see http://www.schneier.com/blog/archives/2007/11/identity_theft_6.html >(among many others). Right -- which why I mentioned "fudge factor". ;-) While I don't disagree completely with those studies, I do think that they may not be currently accurate (but I have no way of knowing that, of course -- the people who underwrite the losses keep this information very much out of the public eye). In any event, the level of "professionalized" effort and sophistication employed in all levels of these criminal endeavors indicates that there is indeed a financial incentive to pursue their efforts. And unfortunately there seems to be enough "low hanging fruit" for it to make it financially fruitful. My angle really has very little to do with ISP-level mitigation of these issues -- unfortunately, it has become an issue of incident handling, notification, and response. This has become a major issue in most of the Internet -- an issue which most ISPs themselves are fairly insulated from (with the exception of ISPs who administer residential broadband networks). If ISPs think the only problem "out there" are DDoS attacks, they are woefully naive. - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFHuoGpq1pz9mNUZTMRAkXPAKC01yeqhbMjs0sgt5bf42IXtZ6kVgCeNQsB MBTudIF0mWNOpLZVxc3kNOM= =hn0z -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/