Know your enemy is a very old principle indeed. It dates back to the Chinese philosopher Sun Tzu's The Art of War. I've always been fascinated to know who it is that is my enemy when I'm developing secure software for mobile phones.
I'd always pictured teams of faceless Russians in windowless buildings somewhere in Siberia, highly educated by the Hackers Universities, treating the theft of millions of pounds as an intellectual exercise; and indeed it used to be so. But it turns out that now for the majority of crime my picture is quite wrong.
According to a recent presentation from ThreatMetrix, many perpetrators of computer fraud are much closer to home. Indeed the UK and America have the largest number of attackers. So actually your cyber criminal is more probably in an office block somewhere not very far away. Or in India, or the Carribean…
Similarly it is tempting to think of criminals tapping away at mobile phones to exploit the various weaknesses in mobile phone software. Again, the truth is rather different. Although the APIs used by mobile phones do present the most common forms of attack by criminals, in fact they generally use other home-grown or specialist software. Thus mostly they'll be typing away on a PC.
So it’s Michael Caine's Charlie Croker working for Noel Coward's Mr Bridger, not Lotte Lenya's Rosa Klebb working for Steven Berkoff's General Orlov. And they’re not far away – not far away at all...
- Charles
Text by Charles Weir, copyright (c) Penrillian Ltd, used by permission.