Home Asia-Pacific I 2014 A flashlight is most valuable at night – The Romanian experience

A flashlight is most valuable at night – The Romanian experience

by david.nunes
Florin TalpesIssue:Asia-Pacific I 2014
Article no.:3
Topic:A flashlight is most valuable at night – The Romanian experience
Author:Florin Talpes
Title:CEO
Organisation:Bitdefender
PDF size:255KB

About author

Florin Talpes is CEO of Bitdefender, one of the industry’s fastest and most effective lines of internationally certified security software. In 1990, together with his wife Mariuca, he created SOFTWIN, one of the biggest Romanian software and services companies and the mother company of Bitdefender. Founded in 2001, Bitdefender has now its own solutions distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. Being one of the Romanian software industry pioneers, Florin Talpes was also the founder and former President of the National Association of Software Services Industry (ANIS) in Romania. As President, he led a team to develop the National Strategy for software services in Romania.

Florin Talpes is a Math University graduate with a Master in Operator’s Theory.

Article abstract

Asia could take a leaf from Romanian history, after the fall of communism there – the battle of crime and corruption versus democratic free enterprise. Now, there is a global battle between light and dark in IT – between cyber-criminals and secure business. This has recently taken a sinister turn, when governments have engaged in cyber warfare, using shady parties to generate viruses against political rivals. This is escalating the problem, where criminals are deemed ‘patriotic’ and creating sophisticated malware is practiced by both sides. It has raised the idea of offensive defence, i.e. attack the attackers. However, the Internet does not lend itself to such tactics, and passive defence remains the best way forward.

Full Article

Asia is awakening with increased commerce activities, but also experiencing rapid rise in cyber-crime. The battle between light and dark – freedom of business and the growing crime and corruption – is just commencing. The Romanian experience may shed some light. In the early years after the fall of communism in Romania, the country was plunged into a political and social chaos that led to riots, widespread corruption and a grab for cash among the powerful. For a time, the landscape was indeed dark. The population, for the most part, had never dealt with democracy and free markets, and the country’s hold on the concepts was tentative. For years, the political situation could have swung either way – towards criminality and heavy-fisted governance or toward stability and democratic rights. Eventually, an education in the ways of democracy helped the latter gain the upper hand.

The IT world in Romania reflected this reality as much as any industry. The country had a recorded history in IT, and indeed was one of the first ten nations to build an electronic computer. Ingenious computer whizzes throughout the country adapted their knowledge to the country’s new reality. Piracy, fraud and viruses became rife. So did hard work and innovation as Romania computer scientists took advantage of the global trend toward outsourcing to provide many valuable IT services to the West. The battle lines were clear as some groups created viruses and others worked to fight them.

By the beginning of the 2000s, one of the first cyber-security projects in Romania, my own, had grown out of a need of our customers. Romania and Bulgaria were havens of cyber-crime at the time and file infector viruses often spread to systems, infecting the software we were distributing.

It seemed like an uphill fight at the time, and it still is in some ways, but now we can at least draw on a vast cache of knowledge and experience. It has not been entirely thankless, either – the development of the entire Romanian IT sector stands witness to that.

The average salary in Romanian IT companies has grown five times faster than the average national salary since 2008 when the economic crisis was first felt. On the one hand, this reflects a tight labour market. On the other, it drives growth of the labour pool itself – the IT industry is better integrated with the educational system – there are internship programs, joint research projects, infrastructure development support programs and other facilities, all driven by the market need to prepare well-trained IT specialists.

I like to think our own efforts have inspired security-minded youths to choose a career in defending against cyber-crime, rather than perpetrating it. The required skills overlap between these two extremes. It is mostly ethics and morality that determine the career path – a black-hat hacker who steals, traffics and blackmails or a security analyst engaged in frustrating such people.

Our project has grown truly global. The rapid spread of the internet over the past 20 years made it inevitable that the struggle between IT crime and IT security would grow truly international. The world, at least insofar as the internet is concerned, now finds itself in the same struggle between light and dark that Romania survived in the 1990s. The change brought on by the internet was so great and so sudden that, like in the early post-Communist days of Romania, the global society is struggling to keep up.

There is debate around concepts such as online privacy, anonymity, the right to a private life and the right to own one’s public image, to name a few concepts that have exploded into public discourse.

The novelty of IT technologies make them a hotbed of criminality as well, although technologies and, more generally, methods to defend against cyber-crime do exist and do keep pace (and sometimes overtake) those used by criminals. However, technology development and technology adoption are not the same thing – there are new IT security technologies that are not widely deployed due to high cost of implementation or simply because they seem inconvenient. The costs that society incurs by not implementing them are high. Initiatives such as the International Multilateral Partnership Against Cyber Threats (IMPACT) – the only truly global multi-stakeholder and public-private alliance against cyber threats – reveal interest at the highest levels of government and business to enhance the global world’s capacity to prevent, defend against and respond to cyber threats.

IT is an unusual field in that its products are almost pure added-value and its growth necessarily adds value to society by facilitating collaboration, communication and education in all fields of human endeavour. The flip side of the coin though is unusually sombre – as society changes to take advantage of new technologies, its well-being increasingly depends on their availability and reliability.

Honest and earnest international co-operation in cyber-security is essential not only because globalized cyber-crime is a serious threat to the economies of developed countries, but also because the alternative is chronic international conflict – cyber-espionage and sabotage, possibly escalating into outright cyber-warfare.

In recent years, the previously covert field of cyber-sabotage has attained public notoriety, especially after the Stuxnet attack was credited with destroying Iranian uranium enrichment equipment. The years-long campaign to build Stuxnet took years and the kinds of resources only available to nation-states.

Similarly, cyber-espionage by both state- and non-state actors seems to gain a more prominent position in the public eye – advanced persistent threats like the Flamer botnet capture headlines, in competition with the latest ‘leaks’, allegations and counter-allegations about the cyber-espionage activities of China or the US.

Complicating matters, some of this activity has been fallen, it seems, into the hands of the cyber-criminal underground. Former (and current) website hackers, spammers, botnet operators and virus writers seem to provide plausible deniability while still advancing the aims of their ‘host’ governments.

The so-called Syrian Electronic Army is just the latest exponent of this trend. ‘Patriotic’ hackers have been claiming responsibility for successful cyber-attacks as early as the Russia-Georgia war. At that time, the Georgian Ministry of the Exterior website was brought down for a crucial couple of days in a massive denial of service attack, and other websites were penetrated and shut down.

Upon this dark background, the concept of offensive security (the notion that if attacked in cyber-space, you should attack back, rather than just defend) is gaining ground. Unfortunately, not only private sector firms are proposing such schemes but also governments, hastily assembling so-called cyber-armies.

However logical offensive security tactics may seem at first glance, the Internet, as built, does not readily lend itself to applying them. It is very hard, mostly even impossible, to find the identity of a virus writer simply by reading the disassembled code of a virus sample.

It’s similarly impractical and sometimes impracticable to find the ‘patient zero’ of a viral outbreak by traffic analysis, or to map out a network of infected computers in search of its command and control servers.

The attribution problem dates to the beginnings of the Internet (the first spammers were not identified until they came out themselves) and does not look as if it will be solved very soon, not by technical means at least.

Who are the cyber-armies of tomorrow going to fight, since cyber-aggressors are so hard to identify? What is the threshold beyond which cyber-attacks can be considered worthy of response in kind? When will cyber-attacks be deemed worthy of a reply with real weapons? Unfortunately, every state needs to decide its own answer.

It is a duty of all responsible actors in the cyber-security arena to rein in the development of cyber-warfare tools, which can only lead to a generalized cyber-weapons race and to escalation of otherwise limited conflicts from the so-called virtual world into real-world actions with deadly consequences.

Providing reliable, provably effective means of passive defence is a key part of fulfilling this duty. The responsible thing to do is to co-operate within the industry and with governmental and non-governmental bodies as well, to keep the Internet a reasonably safe and secure environment. As shown by Romania’s progress since its internal struggles of the 1990s, the benefits of lighting up a dark landscape with security and stability can be immense.

Related Articles

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More