Computer Crime Research Center


High-Tech Crimes Revealed: An Interview with Stephen Branigan

Date: October 28, 2004
By: By Steven Branigan, Seth Fogie

... team sports.

Seth: Have you ever downloaded an "illegal" MP3?

Steven: I have tried napster/aimster and gnutella. I discovered that it was incredibly easy to find and download MP3s. They certainly proved a serious threat to the music industry. I downloaded "The Cars-Door to Door" (from a CD that I had already purchased). The quality of the download was not very good. The version I ripped from my CD was better.

Ultimately, it's important that artists have the chance to be rewarded for their work. That's why downloading copyrighted MP3s is wrong, and is a problem for the industry. And that's why I'm pleased to see that iTunes, Musicmatch, Wal-mart,, and others are now selling MP3 singles over the Internet. I think that most people want to do the right thing and pay for a song, and now they have the opportunity to do so. I think that this will be the most effective strategy to get the majority of the people to stop illegal copying of music.

Seth: The book discusses some of the difficulties authorities face as a result of boundaries. How is globalization changing this situation? Are things getting easier for the good guys when trying to track down and stop the bad guys? Or is globalization not affecting this arena?

Steven: Globalization and the Internet are inseparable. I am cautiously optimistic about the progress that has been made over the past few years with multinational organizations such as the G-8, North Atlantic Treaty Organization (N.A.T.O.), and the Organization of American States (OAS). They're working very hard at making transnational computer crime investigations easier for law enforcement.

Seth: Government and big business are repeated targets for the hackers in the book. Are they easier targets, and are they aware of the threats of a hacker attack? How are they dealing with it?

Steven: I don't think it's that they're easier targets. I think that both government and big business are attractive targets because they're perceived to have interesting information. They're also better able to detect attacks than home users are. Not many home users track the number of times hackers are attacking them. But I do! Just a quick look at my August 2004 stats reveals that this one system was attacked 154 times in one month!

The best I've seen are dealing with the threats by:

* Improving awareness among their people
* Improving the technology that they use to secure their networks
* Re-architecting their infrastructure to limit the damage from a single hacker attack

Seth: What's your normal workday like? Do you spend a lot of time traveling?

Steven: There's no such thing as a normal workday for me! I'm devoting my efforts to growing CyanLine, my new company which is focused on "untethered" security.

Seth: What are some of your favorite security books?


* Firewalls and Internet Security: Repelling the Wily Hacker by William Cheswick, Steven M. Bellovin, and Aviel D. Rubin (Addison-Wesley, 2003, ISBN 020163466X)
* Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage by Cliff Stoll (Pocket, 2000)
* Masters of Deception: The Gang That Ruled Cyberspace by Michelle Slatalla and Joshua Quittner (Perennial, 1996)

Seth: Do you ever work with "Whitehat" hackers? What do you think of this practice (hacking with the intention of bringing security holes to light, without the intention to cause harm)?

Steven: I am a little uncomfortable with the term Whitehat hacker. I love the computer security research community that has proven their ability to discover weaknesses and bring them to light in a way that doesn't cause harm. They're successful because they're self-policing and they use peer review. Without these controls in place, it's hard to ensure that you're truly not causing harm
Add comment  Email to a Friend

Discussion is closed - view comments archieve
2004-11-04 14:58:30 - I currently attend school for Criminal... Kimberly
Total 1 comments
Copyright © 2001-2024 Computer Crime Research Center
CCRC logo