world war E
dispatches from the network society

collective information security: part 1

Despite a booming volume business for botnets on the black market, herders are beginning to break up swarms and spread them across multiple command servers, in an effort to thwart the detection and neutralization technique most commonly used by security firms and law enforcement: pinpoint the source of a traffic spike and sever the network tie. As one security researcher remarks,

“It comes down to financials… If you have a single botnet with a single point of failure and that goes down, you lose everything. If you cut it up into smaller botnets, you get added security.”

Decentralization is a classical tactic of insurgency and a constitutive feature of the network society – and security providers are responding with the arsenal most conducive to defending point-specific targets: increased information. Symantec, for example, recently rolled out increased bot detection in its managed security service, using network-wide aggregation and comparison to highlight attacks that appear individually benign. FireEye, a California network security company, is using a similar software device – the virtual victim machine (VVM) – to collect data on potential infections from its customers into a kind of collective information security database that protects all of its clients. This is the extrinsic network effect in operation.
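To make "network-wide aggregation and comparison" concrete, here is an added sketch (not from this post, and not Symantec's or FireEye's code) that pools connection records from several customer sites and surfaces a destination that stays under every site's own alert threshold. The site names, addresses, record layout and both thresholds are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample telemetry (made-up sites, RFC 5737 addresses): (site, host, destination)
EVENTS = [
    ("site-a", "10.0.0.5", "203.0.113.7"),
    ("site-a", "10.0.0.9", "198.51.100.20"),
    ("site-b", "10.1.0.3", "203.0.113.7"),
    ("site-b", "10.1.0.4", "198.51.100.20"),
    ("site-b", "10.1.0.8", "198.51.100.20"),
    ("site-b", "10.1.0.9", "198.51.100.20"),
    ("site-c", "10.2.0.2", "203.0.113.7"),
    ("site-d", "10.3.0.6", "203.0.113.7"),
]

LOCAL_HOST_THRESHOLD = 3   # assumed: a site alerts when >= 3 of its hosts contact one destination
POOLED_SITE_THRESHOLD = 3  # assumed: the shared view alerts when >= 3 sites contact one destination


def hosts_per_site(events):
    """Map destination -> site -> set of distinct internal hosts contacting it."""
    view = defaultdict(lambda: defaultdict(set))
    for site, host, dest in events:
        view[dest][site].add(host)
    return view


def local_alerts(events, threshold=LOCAL_HOST_THRESHOLD):
    """What each site would flag using only its own traffic."""
    return {
        (site, dest)
        for dest, sites in hosts_per_site(events).items()
        for site, hosts in sites.items()
        if len(hosts) >= threshold
    }


def pooled_alerts(events, threshold=POOLED_SITE_THRESHOLD):
    """Destinations seen from many sites, including those under every local threshold."""
    return {
        dest: sorted(sites)
        for dest, sites in hosts_per_site(events).items()
        if len(sites) >= threshold
    }


def only_visible_when_pooled(events):
    """Destinations the pooled view flags that no single site flagged on its own."""
    locally_flagged = {dest for _, dest in local_alerts(events)}
    return sorted(set(pooled_alerts(events)) - locally_flagged)
```

On this sample, one host per site contacts `203.0.113.7`, so no site alerts locally, yet the pooled view shows the same destination at four sites.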

Computer security has always exhibited game symptoms, not least because so many of the personalities involved adopt an Everest ethos to hacking/defending, viewing them as problems to solve ‘because they are there’. Now, with more money at stake, both botnets and defending against them are changing the rules of the game – the question is, in the defense against botnets, will firms work together to multiply the informational security benefits of cooperation? Or, in jealously guarding their proprietary data, will such ‘collective information security’ become ineffective and irrelevant?

Part 2 of this post will expound more on the theory behind collective information security; stay tuned.
