I thought I'd do a quick rap-up of some of the 'fun' things done by hackers in the past year.
The most fun one is the car navigation system. The one you rent at the airport when you get to some country where you have no idea of the landscape and couldn't hope to find your way anywhere without the sattelite navigation system you insist upon when you
rent a car.
Before you go to the desk you grab a wad of the local currency from the ATM for incidentals.
Jump in the car and head off to your hotel.
Meanwhile after you get into the rental car some hackers have reprogrammed your navigation system to send you to a mugger's alley somewhere that even your global roaming mobile coverage won't work in.
You get the idea.
A slightly lower impact version could be a competitor's hacker making your car stop, your heating come on instead of the air-conditioning and your radio jump from the BBC to all the local foreign language channels, along with mis-directing you to your appointments,
just to make sure you are at your best when you do eventually arrive.
The lesser fun hacks include the TCPIP vulnerability (internet computer to computer language) which can really slow or stop your internet experience. More serious is DNS spoofing where you get redirected to the fake bank site, and ripped off, or if they really
want to get you into trouble, a Russian child porn site. Try explaining how those images got on your hard-drive to the foreign police as you try to leave the country after they recieve an anonymous tip-off.
Back at home or even the office hackers were able to attack your previously convenient wi-fi network and take over your online accounts.
Then there is the Border Gateway Protocol hack which may be redirecting all your corporate traffic through your competitor's secret gateway so they can keep tabs on what you are up to. It can be used to pipe a whole country's traffic through a secret spy server.
The viruses, which pretty well all of the anti-virus snake-oil you could buy couldn't kill were bad enough, then the flaws on the bank sites were the coup de grace for online banking security, (online banking is down around 12% with some providers, it's a wonder
anyone does it really).
Even if your bank was one of the handful with a vaguely secure site, that doesn't help if the SSL hackers have targeted you for some fraud. Spoof your bank site and you even get a secure connection and padlock, but you get the booby prize when they clear out
Then we had fake fingerprint 'tapes' for the fingerprint scanners so the crooks and terrorists (and possibly financial advisors making their escape as their Ponzi scheme collapsed) could use your ID. They went perfectly with the E-passports which could be scanned
and cloned without having to pay those increasingly rare professional forgers for actual paper documents.
2008 should go down as the year the most fibs were told. By snake-oil salesmen and it seems investment advisors, either that or they were all suffering some form of mass delusion.
In 2008 we disabled PDF downloads from our corporate site as a precaution in case hackers used our PDF's to take control of our website visitor's Blackberry, or their PC. I always thought PDF's were part of a conspiracy to choke the internet anyway, they are
just so big.
What will we see in 2009?
More fraud, more viruses, more trojans, more internet disruptions (probably on a much larger scale and politically/religously driven) and most of all more mobile phone hacks.
It doesn't look good.
Of course there is a small chance that while everyone is on the same page with the global financial crisis and governments have 'equity' in such a wide range of businesses (basically any that have been able to beg loudly enough) then there might be a chance
that they'll get together and put the foundations in place for truly global identity and authentication. After all, if you don't have that right then what do you have? - fraud, chaos and no accountability.
I doubt the governments with equity in banks will long put up with the rising fraud levels and let the banks keep it under their hats.
It all starts with the individual when they log on. If you don't really know who they are, then all is for nought, whether it is the hacker building the fake bank site, the real sysadmin powering up the server or the consumer logging on to their social networking
site. With Windows looking like the proverbial cartoon tyre, all patches and no tyres it's about time we realised that there will always be flaws in software that will be exploited by hackers, and so long as we have no accountability it will keep on happening
patches or not. Way to go down the information superhighway, 'traffic is interupted while we perform yet another pointless upgrade to our dodgy beta software'.
Foundation. That's what's missing and everything built upon it has been a house of cards and bonanza for frausdsters and snake-oil salesman and it will always be so long as it's built on hot air. The internet is like an island of junk floating on a swamp and
every now and then the smell or something more serious will rise up and get you, and there is more chance of it happening every day. Disinformation is rife, there is no accountability.
As for the financial markets, that's a whole other swamp and it will continue to be plagued with problems.
It sure would be nice to see a reduction in scamming all round but it looks like all the energy 2009 will be spent on patching yet again.