eBay security chief slams online crime 'hype'

Summary:eBay security chief slams security community for creating hype about online crime

The head of eBay Australia's IT security has slammed the wider security community for making it difficult for users to learn about using the Internet safely, because they sensationalise online crimes and keep changing the names of potential threats.

Speaking at the AusCERT 2006 conference in the Gold Coast today, Alistair MacGibbon, Australian director of trust and safety at eBay, told delegates that Internet-based crimes are no different to crimes in the real world.

"There is nothing new about the Internet crimes we see and there is nothing new in the ways we have to fight them," said MacGibbon.

"Hacking is breaking into someone's computer system and tampering with data or stealing it. Is it any different from so long ago when people would break into the store room and steal the files of a company?".

MacGibbon said that in the online space there is obviously an issue with jurisdiction and also what the victim experiences, but essentially he said they were exactly the same crimes with the same motivations as in the offline world.

One prime example of what confuses users is the constant name-changing when it comes to potential threats - such as phishing.

"Phishing is about tricking someone into giving out details online -- like their password or their personal credentials when we know they shouldn't. Social engineering was about exactly the same thing.

"We have phishing one day, spear phishing the next, deep sea phishing and puddle phishing. All of them are variations on a theme and none of them different to the other crime," said MacGibbon.

"We sensationalise those crimes and make it much harder to educate consumers," he added.

Even without the added hype, fighting crimes and educating the public on how to go about their business safely is not an easy task, said MacGibbon, who is a 15 years veteran of the police force and an ex-director of the Australian High Tech Crime Centre.

As an example, MacGibbon cited murder rates, of which he said criminologists spend years trying to collect accurate data so it can be analysed and checked for trends.

"Even with something as simple as counting murders we have spent years trying to do it. Why? Because the definition in the legislation is different. The definition in the forms that get ticked in the various agencies are different. So our ability to count that crime in the offline space is difficult," said MacGibbon.

Munir Kotadia travelled to the Gold Coast as a guest of AusCERT.

Topics: Security, AUSCERT, Browser, E-Commerce, Enterprise 2.0, Legal

About

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.Munir was recognised as Austr... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.