The Price of Hackers, Spammers and Abuse: When Is It Too Much?

21 Comments

Google (s GOOG) announced Thursday it will shut down its Translate API entirely later this year, “due to the substantial economic burden caused by extensive abuse.”

While the issue of whether the company is justified in shutting down the API (and cutting off a resource upon which developers have based important features and even entire companies) is already a major source of debate, the news raises an interesting general question. When it comes to dealing with the ever-present threat of hackers and spam abuse, when should a web company cut its losses?

Any tech company offering web services in a sizable capacity has to deal with the threat of hackers, spammers and abuse. Just like national defense budgets, it seems that the bigger the tech superpower, the bigger the cost of keeping the hackers at bay. Indeed, Google is certainly not alone in facing expensive security needs of late. Earlier this week, consumer electronics stalwart Sony (s SNE) reported it has already spent more than $170 million dealing with last month’s PlayStation Network hack, adding it will likely spend additional money responding to class action lawsuits stemming from the attack.

The tech industry’s rising stars have found that as they’ve grown, their security needs have expanded in kind. Twitter has said it’s “constantly battling against spam” on its system. “Like it or not, as the system becomes more popular, more and more spammers will try to do their thing,” the company wrote in a blog post last year. And as many as 20 percent of Facebook’s employees are reportedly tasked with focusing on security-related issues.

Hacking and other online abuses will almost certainly become a bigger problem in the coming years as more and more of the world comes online. Weighing the cost of fending off the proverbial barbarians at the gates will continue to be a constant dance for tech companies large and small. And whenever the risk/reward balance of running a certain unit tips into unprofitable territory, it’s within the company’s right to cut it off — regardless of who else it effects. If nothing else, it’s a reminder of the dangers of building a business on another company’s API, especially in today’s increasingly volatile world of online security.

21 Comments

Peter

Good article. I am getting sick and tired of Anynomous and other hacker groups who believe they can ‘impose’ their rules on anyone who may have a different view, whether it is Google or PBS or BMI (reprenting writers, authors, musicians, publishers) or even people who stand up for copyright protection and reinforcement. It’s cyberbulling, if not cyberterrorism, and it is about time the government do something about it. Normally I’m not big on government intervention but this is hurting legitimate businesses and consumers, big and small, it is costing us money and it is interfering with and even destroying useful services. It has got to stop.

Amelia@ Ethical Hacking

Another excellent tool gone to waste because of black hack attacks. I totally agree with you Colleen. This type of attack will continue to grow in the coming years with deadlier threats and more destructive capabilities. Hey, even Mac computers were attacked. And we all thought this would be impossible to do.

Google’s official statement was “The Google Translate API has been officially deprecated as of May 26, 2011. Due to the substantial economic burden caused by extensive abuse, the number of requests you may make per day will be limited and the API will be shut off completely on December 1, 2011. For website translations, we encourage you to use the Google Translate Element.”

Stephen Cobb

Good article Colleen and a pity you got so many negative and off-topic comments. When you’ve spent 30 years dealing with computer fraud and abuse you realize that bad behavior by humans is the root of the problem and that criminal hacking and spam are related. It’s all about people putting their own selfish interests ahead of the shared public interest to try and make a buck at the expensive of others, wasting millions of dollars and undermining trust in the process. Nothing would boost the world economy more than a reduction in bad behavior, just as a major reduction in Medicare fraud could save Medicare.

Thank you for paying attention to this issue.

Stephen Cobb, CISSP

Colleen Taylor

Thanks for your input Stephen. I’m glad to hear that as a security professional, you agree there’s a connection there as well.

Stephen Cobb

Good article Colleen and a pity you got so many negative and off-topic comments. When you’ve spent 30 years dealing with computer fraud and abuse you realize that bad behavior by humans is the root of the problem and that criminal hacking and spam are related. B

frmkla

But then.. what will happen to all those people who are using google translation.. ?

Ian Kemmish

What sort of business can you base on somebody else’s mechanical language translations? You can’t sell translation services, and if you use it to translate portions of your website without human proofreading, then you’re just advertising that you either can’t afford or can’t be bothered to do a proper job. Would you want a website whose grammar appeared as bad to foreigners as the grammar of foreign mechanically translated spam appears to you?

Anyone who bases a business on that deserves everything they get. Which probably won’t be customers.

N Lyons

This reminds me of one day when I had a +2 standard deviation kind of day out bike riding and I got 3 flats. I thought that if every time I went out to ride my bike I got 3 flats I wouldn’t be riding my bike much anymore.

However, I think the story here is WHY is Goggle shutting down its Translate API? You don’t include the details of that in the story and that is what I want to know.

bmovie

Good beginning of an excellent article. Why don’t you finish writing it?

American365

Or better yet… open up all your code like Linux and forgo capitalism and no more hacking.. See? big money + no morals = big hacking

American365

hire more consultants.. hire more people.. if everybody’s well employed then no idle hackers sharpening their talents.

DNN

It’s always gotta be someone messing it up for others. Darn it! I know 1st about ppl messing things up for you, like plotting to get your scholarship snatched because they’re jealous they can’t , didn’t accomplish , and don’t have the faith to do what you did in working for it, and doing something successfully as a person or company. Spammers and haters are everywhere. Just gotta stay innovative and creative =)

Protocol

I really don’t see how the Google Translate API has anything to do with Hackers. I mean really are you gonna translate yourself into a system? Spammers maybe could spam in multiple Languages. Sony getting hacked and its Cost has Nothing to do with Googles Translate API which will be missed BTW. It seems nothing more than another situation where “Hacking” gets villafied in the media. Where the real Hacker is the security professional doing and creating forensic analysis tools to decipher, defend, and patching the holes in the security systems, Not the script kiddie with a botnet trying to DDOS a site or make a name for there crew, Sorry but IMHO this story was poorly written and thrown together last minute as filler. D- Overall

Ayn

I think you missed the point. This article is about the cost of doing business online. If a giant company like Google is shutting down part of it business (Translate API) “due to the substantial economic burden caused by extensive [b]abuse[/b].” then when is it too costly to deal with hacker, spammer, and abuse to keep part of your company in business.

Colleen Taylor

Thanks for your comment Ayn; that is indeed what I was trying to focus on with this article.

Harsha

of course we can expect still higher level of prevention ways from this search engine company..

Ralph Haygood

Really, Google? You’re shutting down the API instead of fighting back with smarter engineering? That’s unlike you, and it bodes ill for your future (and a lot of other people’s too).

Lucian Armasu

The spam issues are completely unrelated to the Sony attacks. I also don’t think spam relates much to security. Sony simply had a network full of holes an they went ahead and pissed off a lot of hackers. What was it? “Don’t throw rocks if you’re house is made of glass”?

Colleen Taylor

Thanks for your comment Lucian. You have a good point– the
Sony situation is certainly unique.

Here I’m just trying to highlight the more general issue that web companies have to devote huge amounts of time and money into defending themselves. It’s interesting to watch how different firms balance those costs with what should be their core focus: Developing new technologies.

Comments are closed.