Here’s a career path. Start out as a florist searching for the perfect balance of red roses and limonium. Eight years later, end up tracking down the spread of viruses for one of the top computer security companies in the world.
After Allysa Myers landed a part-time job as a secretary for McAfee’s Avert Labs division, she did just that.
"I had a pretty good explanation for how it all worked out," said Myers. "As a florist I was helping people, making people smile. Going from that to computer viruses, I was making their day easier."
The way Myers explains it–she’s now a Reverse Research Engineer–she sort of fell into the job. Floristry was seasonal work that fluctuated and didn’t provide enough income in the off months. Tapping a McAfee contact she made as a florist, Myers came on as a part-time secretary.
From there things slowly clicked into place. Though she’d been around computers her entire life, Myers never had a chance to get serious, in-depth knowledge.
"Bit by bit I was able to learn from the guys who’d been doing it for years and years," said Myers. "It’s similar to the way I learned flowers."
The switch couldn’t have happened at a better crossroads. Right around the time Myers began getting interested in the computer world, the dot-com boom of the late 1990s was in full swing. Computer companies of all stripes were thirsty for computer savvy individuals who showed interest in taking on more responsibility.
"Basically there was enormous need for people and very few people had training at the time," said Myers.
Her first step up came when helping a colleague who was working on a book about viruses. His native language wasn’t English, so she helped with the editing process. Afterwards, researchers began funneling small jobs her way.
Within a year, the McAfee made her an analyst, and she began taking on larger and more complex problems.
A real test came quickly, as the Melissa Virus hit the Internet like a house frau in Wal-Mart shortly after her promotion.
"I caught the bleeding edge of that one and started hearing rumors of a document that was circulating and hadn’t seen a sample yet," says Myers. "That was exciting."
As Myers gained expertise, she naturally found a niche and today is one of the leading computer security experts on information crime. Due to the nature of her work, she regularly interfaces with global and national law enforcement agencies and states. The black market for information crime is, "absolutely huge," according to Myers.
Today’s thriving black market is one of the biggest changes Myers has seen seen over the years. These days the criminal element in the electronic world has a much stronger focus on the almighty dollar, using highly sophisticated schemes such as IRC-linked adware and malware bots that can run crippling Denial of Service attacks and credit card theft schemes.
A Denial of Service attack uses the combined power of a large number of individual personal computers to flood a target computer/server with so much traffic that the target effectively halts dead in its tracks, unable to process all of the incoming data.
The owners of the personal computers used in DoS attacks are generally unaware that their machine is compromised. A hacker will install a backdoor program, then funnel in a piece of malicious software (malware) that turns the computer into a machine slaved into a much larger network. The hacker can then direct all the computers under his control to flood the target with traffic over and over again. Though one PC isn’t enough to slow down a major corporation’s website, 10,000 just might.
Popular web portals such as Yahoo and Google are under constant threat from these types of attacks due to their high profile.
Five to ten years ago, computer crimes such as DoS attacks were done for reasons centering more on status and notoriety, said Myers. The days of the fifteen year old teenage hacker counting coup on a corporate website from his parent’s basement are long gone, however.
In its place is a staggeringly complex operation that’s expanded well outside the bounds of the computer screen. "They’re hiring people to be mules in real life who receive packages they’ve purchased online with those stolen credit cards," said Myers. "These are truly international crime rings."
In the next ten years Myers said she forsees the Internet going in one of two directions. In the first scenario the electronic communication infrastructure grows more interconnected and vital to business and life as more and more of the worldwide population gets connected. A general security sense and basic education will teach people how to protect their systems from increasingly devious attacks and acts of computer crime, and the system will prosper.
"Seems like the interconnectedness is what’s making it a lot more interesting and a lot more dangerous at the same time," said Myers. "For example, email used to be fairly simple thing. Spam was not much an issue. You could be sure it was from who email said it was from."
However, the Internet has changed. If people don’t grow more security conscious, the second scenario could play out. In another reality, crime could reduce the Internet to an unusable slagheap, the difficulties in communication due to individuals who don’t understand basic security and fall prey to rampant profit schemes turning the Internet into the modern day equivalent of an impassable jungle.
As to which way it’ll go, only time will tell said Myers. "I’m hoping the way it goes is that they begin to understand these basic security issues," she said. "You lock your doors at night and everything stays safe and usable. That sort of thing."