Cybersecurity: Of Heterogeneity and Autarky

doi:10.1017/CBO9780511511523.005

4 - Cybersecurity: Of Heterogeneity and Autarky

Published online by Cambridge University Press: 18 August 2009

Randal C. Picker

Edited by

Mark F. Grady and

Francesco Parisi

Show author details

Randal C. Picker: Affiliation:
Paul and Theo Leffmann Professor of Commercial Law, University of Chicago Law School; Senior Fellow, The Computational Institute of the University of Chicago and Argonne National Laboratory
Mark F. Grady: Affiliation:
University of California, Los Angeles
Francesco Parisi: Affiliation:
George Mason University, Virginia

Book contents

Get access

Summary

The Internet is an almost organic mix of actors and their machines, an eclectic scheme of government and private decision-making, of nonprofits and for-profits. As in any integrated system, my choices affect your life in a very direct way. So “Zombie PC Army Responsible for Big-Name Web Blackout” sounds like a headline from a bad Hollywood B movie when instead it means that computer users could not access the websites of Apple, Google, Microsoft and Yahoo because a Trojan horse program – which, by definition, had been placed surreptitiously on thousands of personal computers, turning those machines into zombie computers under the control of their cybermaster – launched a simultaneous attack on a key piece of the domain name system infrastructure (Lemos and Hu 2004). Here we have perhaps one bad actor, thousands of sloppy computer users, and externalities galore.

Taking down prominent websites is one way for a malicious computer programmer to seek fame (perhaps infamy), but spam provides perhaps a more meaningful way in which the day-to-day computer experience is degraded by our shared network decisions. Some estimates suggest that 80% of spam arises from zombie machines (Sandvine Inc. 2004). Many of these are residential PCs with broadband hookups. Why? This is the dark side of Yochai Benkler's (2004) work on shareable goods. From the consumer's perspective, both the PC and the broadband connection are shareable goods. Given the lumpiness of processing power, the average PC user has power to spare.

Type: Chapter
Information: The Law and Economics of Cybersecurity , pp. 115 - 140

DOI: https://doi.org/10.1017/CBO9780511511523.005 [Opens in a new window]

Publisher: Cambridge University Press

Print publication year: 2005

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Alces, Peter A. 1999. W(h)ither Warranty: The B(l)oom of Products Liability Theory in Cases of Deficient Software Design. California Law Review 87:269CrossRef Google Scholar

Bank, David. 2004. Computer Worm Is Turning Faster. Wall Street Journal, May 27Google Scholar

Benkler, Yochai. 2004. Sharing Nicely: On Shareable Goods and the Emergence of Sharing as a Modality of Economic Production. Yale Law Journal. 114:273CrossRef Google Scholar

Borland, John. 2003. RIAA Sues 261 File Swappers. CNET News.com, September 8. http://news.com.com/2102--1023_3--5072564.htmlGoogle Scholar

Bradley, Tony. 2004. What Is in a Name? http://netsecurity.about.com/cs/generalsecurity/a/aa070303.htm

Brown, Harry Bates, and Ware, Jacob Osborn. 1958. Cotton. 3rd ed. New York: McGraw-HillGoogle Scholar

CERT. 1998. Smurf IP Denial-of-Service Attacks. CERT Advisory CA-1998–01

Christidis, Basil G., and Harrison, George J.. 1955. Cotton Growing Problems. New York: McGraw-HillGoogle Scholar

Delaney, Kevin J. 2004. Web-Data Hackers Thwarted, but PCs Are Still Vulnerable. Wall Street Journal, June 28Google Scholar

Dixit, Avinash K., and Pindyck, Robert S.. 1994. Investment under Uncertainty. Princeton, NJ: Princeton University PressGoogle Scholar

Dreazen, Yochi J. 2002. Behind the Fiber Glut. Wall Street Journal, September 26, Section B, p. 1Google Scholar

Epstein, Richard A. 1980. Modern Products Liability Law. New York: Quorum BooksGoogle Scholar

Geer, D., et al. 2003. The Cost of Monopoly. http://ccianet.org/papers/cyberinsecurity.pdf

Lemos, Robert. 2004. Sprint Touts Off-Net Networks. CNET News.com, July 22. http://news.com.com/2102--7355_3--5280148.htmlGoogle Scholar

Lemos, Robert, and Hu, Jim. 2004. Zombie PC Army Responsible for Big Name Web Blackout. CNET News.com. http://software.silicon.com/malware/0,3800003100,39121439,00.htmGoogle Scholar

Lichtman, Douglas, and Picker, Randal C.. 2003. Entry Policy in Local Telecommunications: Iowa Utilities and Verizon. Supreme Court Review 2002:41CrossRef Google Scholar

Lyman, Jay. 2003. Denial-of-Service Attack Brings Down Microsoft. TechNews World, August 4. http://www.technewsworld.com/story/31258.htmlGoogle Scholar

McCullagh, Declan. 2002. Recording Industry Site Hit Again. CNET News.com, September 3. http://news.com.com/2102--1023_3--956398.htmGoogle Scholar

Motter, Adilson E., and Lai, Ying-Cheung. 2002. Cascade-Based Attacks on Complex Networks. Physical Review 66:E 065102(R)Google Scholar PubMed

National Science Foundation. 2003. Taking Cues from Mother Nature to Foil Cyber Attacks. http://www.nsf.gov/od/lps/news/03/pr03130.htm

National Security Telecommunications Advisory Committee. 2004. Electric Power Risk Assessment. http://www.ncs.gov/n5_hp/Reports/EPRA/electric.html

Nuclear Regulatory Commission. 2003. NRC Issues Information Notice on Potential of Nuclear Power Plant to Worm Infection. NRC Press Release No. 03–108

Picker, Randal C. 2002a. Pursuing a Remedy in Microsoft: The Declining Need for Centralized Coordination in a Networked World. Journal of Institutional and Theoretical Economics 113:158Google Scholar

Picker, Randal C.. 2002b. SimLaw. University of Illinois Law Review 2002:1019Google Scholar

Pope, Justin. 2004. Biology Stirs Microsoft Mono-Culture Debate. http://concretewerk.com/blosxom/archives/monoculture.html

Quarterman, John S. 2002. Monoculture Considered Harmful. First Monday, February. http://www.firstmonday.dk/issues/issue7_2/quartermanCrossRef Google Scholar

Reardon, Marquerie. 2004. Cisco Bets on New High-End Router. CNET News.com, May 24. http://news.com.com/2102--1033_3--5218356.htmlGoogle Scholar

Rink, David. 2004. Computer Worm is Turning Faster. Wall Street Journal, May 27Google Scholar

Sandvine, Inc. 2004. Trend Analysis: Spam Trojans and Their Impact on Broadband Service Providers. http://www.sandvine.com/soloutions/pdfs/spam_trojan_trend_analysis.pdf

Scotland Yard and the Case of the Rent-A-Zombies. 2004. CNET News.com, July 7. http://news.com.com/2102--7349_3--5260154.html

Stewart, Christopher S. 2004. Fighting Crime One Computer at a Time. New York Times, June 10, Section C, p. 5Google Scholar

U.S.-Canada Power System Outage Task Force. 2004. Final Report on the August 14, 2003 Blackout in the United States and Canada: Causes and Recommendations

US-CERT. 2004. Cyber Security Bulletin SB04–147. http://www.us-cert.gov/cas/body/bulletins/SB04--147.pdf

U.S. Department of Agriculture. 2004. Historical Track Records.Washington, DC: U.S. Department of Agriculture, National Agricultural Statistical Service

U.S. Department of Homeland Security. 2003. Ridge Creates New Division to Combat Cyber Threats. Press release, June 6. http://www.dhs.gov/dhspublic/display?theme=52&content=918

U.S. Department of Homeland Security. 2004. U.S. Department of Homeland Security Improves America's Cyber Security Preparedness – Unveils National Cyber Alert System. http://www.us-cert.gov/press_room/cas-announced.html

U.S. Department of Justice. 2004. Special Report on “Phishing.” http://www.usdoj.gov/criminal/fraud/Phishing.pdf

U.S. Secret Service. 2003. United States Secret Service and Romanian Police Work Together to Solve Major Computer Fraud Investigation. http://www.secretservice.gov/press/pub2503.pdf

Warning: Microsoft “Monoculture.” 2004. Associated Press. http://www.wired.com/news/privacy/0,1848,62307,00.html

White House. 2003. The National Strategy to Secure Cyberspace. http://www.whitehouse.gov/pcipbcyberspace_strategy.pdf

Whittaker, James A. 2003. No Clear Answers on Monoculture Issues. Security and Privacy 6:18CrossRef Google Scholar

Book contents

4 - Cybersecurity: Of Heterogeneity and Autarky

Summary

Access options

References

Save book to Kindle

Save book to Dropbox

Save book to Google Drive