Summary
1. Current laws allow and perpetuate illegal access. 2. Security vendors are inadequately trained at software trap doors and administrative access systems. 3. Law enforcement cannot protect what it cannot understand. When the U. S. Congress passed the Digital Millennium Copyright Act, they included provisions that allow copyright holders to place mechanisms inside of their software to prevent unauthorized copying. When this act was first passed, it was hailed as a way to prevent copyright infringement. What it really has done is to ensure that a virus in Topeka can be found in Tokyo within the day. If you quiz security and intrusion detection vendors, they echo what I am saying. These administrative holes are why the Internet is a lucrative market for criminals. As a notorious bank robber was once quoted when asked why he robbed banks "because that is where the money is" is a sentiment that is shared by criminal enterprises all over the world.
Analysis
Most companies address only the most rudimentary levels of security. This allows catastrophic system damage to propagate through a network in minutes. We train "security" personnel and they could not begin to tell you how to disassemble a software to see where the holes are at much less what they mean.
The reality of security reflects that in many places, these trapdoors are a potential source for intelligence and no nation currently using these mechanisms will even discuss these matters.
All the criminals do is to discover what is already in place. There are other mechanisms that can protect better. We just have to be willing to use them.
