Remember the beige box? Maybe this reference is lost on millennials or those who don’t know or care about geek history. But the game changing 75mhz Intel processor released in October 1994 was the king of the hill for all of nine months before being replaced by a successor with twice the power and speed.
This led to the universal attitude that personal computers were a terrible investment given how fast they became “obsolete” within months of purchase. The Pentium 75 would quickly be replace with the 133. Then a few months later the 233mhz replaced the 166mhz processor, the Pentium II by the Pentium III and so on.
But around the turn of the millennium this meteoric innovation curve finally fell flat. In November 2000 Intel broke the two gigahertz barrier with the Willamette processor. There have been other innovations but we haven’t seen a huge increase in clock speed since then and determining whether or not your PC is “obsolete” is now a much more personal question. Until Microsoft pulls support for Windows 7 in January 2020, there is nothing forcing us to go to Windows 10 and possibly buying new hardware to run it any time soon. So the hysterical idea of replacing your computer every couple of years is gone forever. Now we’re doing that with our cell phones instead.
But what does this have to do with “cybersecurity”?
Now we have a new hysteria in the tech world. Thanks to what was once a a dorm room prank turned global marketplace, cybercrime has made physical crime obsolete. The Zeus trojan horse malware netted double the take of all of the traditional bank robberies combined: in 2009! That’s right. As of the time of this writing we are more than six years hence the day when, unlike sixty percent of traditional robbers who are quickly caught, criminals can sit safely across an ocean and rob banks and other institutions from some non-extradition country with incredible efficiency.
So how bad is it now?
We now find ourselves in a world where the term “organized crime” has taken on a whole new meaning. Save for the sinister outcome, modern crime is perpetrated using similar distribution and marketing strategies indistinguishable from legitimate business. There are channels, agents, resellers and sales management platforms that look like a cross between a stock investment dashboard and Salesforce.com. As for having honor among thieves they have been using escrow services on the dark net to broker crime for years. Botnets can be rented and infected computers can be resold as commodities to directly ransom user data or as universal launch points for indirect attacks on other systems in large scale heists. It is very mature.
So if it is this organized is it easier to take down?
The many barriers to prosecution of cybercrime make a good subject for another post but the sophistication which generally makes cars, for example, more prone to failure seems to have the opposite effect here. The Ebay-like experience of buying tools and services then selling the product on similar platforms makes for fast, simple and efficient getaways. The crime has taken on an identity of no one in particular. It is a crowd of actors with no one in charge of all aspects of even a small heist. The role of “criminal mastermind” has been automated and aggregated such that we are being attacked by a hive of cooperating interests genuinely separated by layers of profitable businesslike infrastructure. Crime as we know it is now obsolete.