The Fight Against Cybercrime
By Isaac Stalnaker
September 8, 2000
HONG KONG -- "How do you explain missing data when you don’t know the data is missing?" Erik Laykin, president of digital assets protector OnlineSecurity, asked the IandI Asia audience last night. "How do you find the hacker who is penetrating your system if you don’t know if your system has been compromised to begin with?"
Thought-provoking questions like those highlight just how vulnerable digital assets are. Laykin outlined current and future Internet security issues such as cyber terrorism, electronic discovery, data reconstruction and intellectual property protection. He also cited case studies and some examples of "security cracks" from the previous two days, including netfinancials.com, egghead.co.kr and Seoul National University.
The mantra of OnlineSecurity, he said, is "protection, prevention, preservation and perseverance."
"The Internet is the next step forward from TV and radio, providing full access to information and further breaking down cultural barriers, all in real time," Laykin said. The global access to information is astounding. "The future of the web is the future of mankind."
He highlighted the risks involved with the unregulated exchange of information as well as the breakdown of copyright laws, jurisdictional uncertainties and the degradation of current tangible structures such as courts and police. Laykin emphasized that "with the freedom of access to all types of information comes a new social order based on personal responsibility that will transcend into corporate responsibility."
Laykin advocates a proactive approach to Internet security. "Take security seriously because that is the lynchpin," he advised. "If you protect your customers’ data, if you protect your employees’ privacy, if you protect your own company, then you’re doing your job in the grander scheme of things to regulate and enforce rules on the Net through our community. We don’t have to wait for the US congress to pass a law to tell us how to operate."
He explained that increasing amounts of electronic data equal higher risks of a systems breach by unauthorized parties. Factors include open systems architecture, poor user abilities, inherent user fear and aggressive crackers. Laykin has been asked about the love-bug virus nonstop since its costly rampage around the world in May. He noted that pre-emptive and proactive security policies could have been used to detect the virus and the correct software system could have looked for messages that were out of the ordinary.
OnlineSecurity has its own team of technical wizards to combat the cybervillians who attempt to violate the privacy of individuals and companies. Laykin explained that sending for these antihackers, called freaks -- Fast Response Electronic Action Knowledge Squad -- is "like calling the Ghostbusters." This group includes specialized programmers as well as white hat hackers -- converts from the dark side. Also on the freak team are top graduates from MIS programs, traditional investigators, internal marketers and an experienced management team.
One fear, Laykin noted, is that if the government sphere of influence penetrates the free exchange of information over the net, freedom and privacy will both be threatened. He referred to the British black box ISP monitor, which would monitor all ISPs in the UK. He asked the audience: "What happens when you lose control over the Internet?" and "Who is losing control?" He pointed out that the FBI has unveiled its Carnivore program to monitor communications systems for illegal activities. "What if the FBI inserts this program onto an ISP server in the interest of the public good and says we’re going to monitor only the [messages] of the bad guys?" Then adding "where does your personal privacy end, and where does it begin? Laykin has a clear opinion on the difficulty of a 100 percent secure Internet, "the only completely secure system is the one you unplug."
A founder and president of OnlineSecurity, Laykin has engineered and designed secure e-commerce sites for numerous corporations, including Warner Brothers, AOL, the Hong Kong Tourist Association, Toyota and numerous e-commerce startups. He manages the company's strategic alliances with international law firms and corporations and directs its industry and information technology specialists, who in 1997 pioneered the discipline of Internet Investigations. Laykin serves on US federal and state level discovery advisory subcommittees on the rules of civil procedure as they pertain to electronic discovery and the admissibility of electronic evidence in courts of law. He is currently advising several governmental enforcement agencies, including the FBI, on methodologies and techniques of digital evidence gathering and the tracking of cybercriminals. Laykin is a frequent lecturer at conferences in the US and abroad.