I've read a startling headline topic twice in the past 10 days: High-profile Web sites are moving to obtain hacker insurance. That topic is startling because I see it as a huge obstacle in the push toward popularizing e-commerce. When you think about it, don’t intruders actually control these hacker insurance policies outright?
Let me clarify. I'm only using the term "hacker" because that's what confused members of the media mistakenly call crackers and other types of network intruders. Hackers are good guys, and the crackers, Denial of Service (DoS) launchers, and other malicious intruders are the bad guys.
So what is this so-called hacker insurance? First, look at how the insurance system works: In case of a loss, the insurance company pays a sum of money to the insured suffering the loss. So hacker insurance pays for losses suffered due to a hacking incident. In most cases, the more you pay for insurance, the better coverage you receive. At the top end of the insurance spectrum, the sum paid for a loss usually equals the amount lost.
Insurance costs depend on the risks involved. In other words, the greater the risk the higher the cost of insurance. So who ultimately controls the risks (and thus the insurance premium costs) from distributed DoS (DDoS) attacks? The intruders! Intruders control at least 90 percent of the risk involved with running an online e-commerce site because DDoS attacks are largely indefensible at this point in time.
Think about that situation for a moment. Insurance rates factor into the cost of doing business, and companies pass these costs to the consumer in the price of a given item or service. Right now, companies such as Amazon.com enjoy great success because of their competitive pricing and ease of shopping. However, with intruders controlling insurance rates indirectly, how long can Amazon.com's success last? Will intrusions drive up the cost of books and other products at Amazon.com? You bet they will. You can also bet that the same thing will happen in every other sector of e-commerce—and it doesn't stop there.
Imagine that the Internet has become a new front for new kinds of wars. In these wars, new e-commerce companies destroy local storefront economies by out-pricing them with lower overhead and better buying power. In time, mom-and-pop shops close, defeated by the new e-commerce giants. Meanwhile, their children, who are now suffering from a poorer family life and lackluster future because of a closed family business, retaliate by launching DDoS attacks against the e-commerce giants who forced their parents out of business. As a result, hacker insurance rates soar, which causes e-commerce-based product and service prices to rise.
Far-fetched? Think again. This scenario is happening right now in global politics, lower and higher education, and e-commerce markets. The Internet is quickly becoming a new type of pseudo war zone where people can launch an attack from anywhere they can get a dial tone. Start a makeshift war without leaving the house—that's power. That power will be available to anyone that can pay for a dial-up account until enough disrespect is shown to force stronger controls. We're headed in that direction at lightening speed.
If intruders continue to turn the Internet into a war zone by attacking networks, we'll all suffer the consequences. Intruders are taking us directly into strict, heavy-handed controlled access to the Internet.
To the instigators of DDoS attacks and Web page defacements, I say, "Think about the big picture before you act so selfishly. What's more important? Your 15 seconds of fame or everyone's shared freedom in the online world?"
And to the new giants of e-commerce I say, "Spend your money on serious technology improvements, not empty insurance policies that feed inflation and slow the acceptance of e-commerce." The online world has enough bandages in place already. Don't waste time endlessly guarding against risks—work to eliminate the risks permanently. The best use of your money is to give it to those who can create the necessary changes. Until next time, have a great week.
