Incident
Waiting to Happen
Samuel
Warren
CS481
Dan
Morrill
City
University
December
12, 2011
Incident
Waiting to Happen
When
the internet was invented, the goal was to allow computers to share information
(Howe, 2010). That goal has since exploded into people sharing music, videos,
software, and even their own lives with others through social media. The
problem: music, movies, and software, unless shared freely by the authors, have
very powerful protection associated with them. So much so that if one uses any
of the aforementioned media that was not purchased, and is caught, one may face
fines or even imprisonment. Instead of outright hosting files for download on
their own personal sites, those who pirate bootlegged media use what are called
“Torrents.”
Torrents
work by having a person host the file “seed” to a site. Then someone can go to
that particular site, find the file, and begin downloading. The more
individuals hosting the file, the quicker the download speed is. “Unlike other
download methods, BitTorrent maximizes transfer speed by gathering pieces of
the file you want and downloading these pieces simultaneously from people who
already have them” (Carmack, 2005).
The biggest
problem for the Department of Justice concerning pirating is attempting to stop
literally millions of people from downloading media from Torrent sites, such as
“piratebay.org.” In this case, anonymity is a powerful ally for the pirates.
However, there is a new potential game changer for the Department of Justice, the
F.B.I., and other policing agencies that tracks what was downloaded by IP
address. It is simple, just go to the website, “http://www.youhavedownloaded.com/#”
and it scans your IP address and determines if you have ever downloaded any
torrent.
From
a security analyst perspective, the goal is to protect the data and the
customers from undue risks. If a security analyst uses tools like the
previously mentioned site and checks one of the many IP addresses his/her
organization has, he/she could very easily see if someone has ever downloaded
files from Torrents. However, not every file is necessarily pirated. For
example, open source software that downloads faster on a torrent, someone may
have purposefully attached a worm or Trojan to the file. The worst part is that
if the file is downloaded outside the corporation’s purview, say while working
from home, the user downloading the file would infect the computer. Then when
they returned to their network, if there was not a strong scanning system in
place, the rest of the network could possibly be infected. A security analyst
should file an incident with the senior management to create awareness of a
potential breach, exposing the customer base. The next responsible choice is
notifying the clients of a potential risk that their data may be exposed.
This
is a very serious situation, because no matter the reasoning behind the
download, there is no way to validate, prior to download, if the source is
trustworthy. As a security analyst, one has to be constantly vigilant. If an
analyst ever discovers that one of their users has downloaded pirated
materials, a security incident ought to be filed with management to make them
aware that someone has downloaded a file that is either pirated, or may be
potentially dangerous. Responsible managers may choose to take action, if
possible, against their employee, but notifying the customer base of a possible
breach is something that should be done immediately upon detection of torrent
download.
References
Howe,
W. (2010, March 24). A brief history of the internet. Retrieved from http://www.walthowe.com/navnet/history.html
Carmack,
Carmen. (2005, March 26) How BitTorrent Works. HowStuffWorks.com.
Retrieved from
http://computer.howstuffworks.com/bittorrent.htm
Morrill,
D. R. (2011, December 11). Spy on bittorrent i know what you have downloaded.
Retrieved from
http://it.toolbox.com/blogs/managing-infosec/spy-on-bittorrent-i-know-what-you-have-downloaded-49711
No comments:
Post a Comment