Criminals find safety in cyberspace |
 |
By Bill Brenner, Senior News Writer
18 Dec 2006 | SearchSecurity.com |
|
|
A new report from McAfee Inc. explains one of the reasons why so many criminals have set their sights on cyberspace. It's simply safer and more lucrative to steal online from the comfort of the nearest Starbucks than to jump out at people in dark alleys.
|
|
|
|
|
It's a lot safer to run a botnet than it is to go to the street and break someone's kneecaps.
David Marcus,
security research and communications manager, McAfee Avert Labs
|
|
|
|
|
|
|
|
|
|
That has made it easier for organized criminal outfits to recruit people to do their bidding -- including students as young as 14, said David Marcus, security research and communications manager for McAfee Avert Labs in Santa Clara, Calif.
"For organized crime, the Internet is the best thing to come along since bootlegging and moonshine," Marcus said. "And it's a lot safer to run a botnet than it is to go to the street and break someone's kneecaps."
Organized crime is recruiting teenagers who feel safer doing illegal activity online than in the street, according to a McAfee Virtual Criminology Report.
The second annual, which draws on input from Europe's leading high-tech crime units and the FBI, suggests that criminal outfits are targeting top students from leading academic institutions and helping them acquire the skills to commit high-tech crime on a massive scale. The tactics used to groom them are much like those the KGB used during the cold war, the report said.
"Organized crime lacks the technical skills to rob people online, but it does have the money to find 16-year-olds, get them trained and put them in a company where they can be an insider threat," Marcus said.
The sense of immunity people find in cyberspace also makes them more willing to engage in criminal activity than if they were operating in the real world. Someone who won't steal an elderly woman's pocket book might be willing to sit in a Starbucks and try to penetrate a network, Marcus said, adding, "They sit there sipping coffee and looking at their laptop, and for all people know they're just surfing the Internet. And they don't have to see the victim."
Given the situation, IT shops should expect and prepare for increasingly nasty and prolific threats in 2007 and beyond, Marcus said. IT professionals should also start thinking of a game plan to secure hand-held devices because that's the next big target of these criminals.
"Mobile is a big area of fascination for both the research community and the criminals," Marcus said. "We're not seeing a lot of mobile malware now, but you'll see more of it in the next 10 months because hand-held devices are getting more advanced and becoming more like your PC."
He said governments around the world also need to deal with the threat by making better global laws to address issues like extradition. Criminals are more likely to base themselves in countries without extradition laws, he said, adding, "Why would I traffic in drugs and be in danger when I can do this other stuff in an anonymous atmosphere in another country with no extradition laws?"
Among the report's other findings:
Cybercriminals are increasingly resorting to psychological warfare in order to succeed Phishing emails have increased by approximately 25% over the last year but are harder to detect as they increasingly trick unsuspecting people with ordinary scenarios instead of improbable ones such as sudden cash windfalls.
Cybercriminals are being drawn to the huge crowds of social networking and community sites. Loading fake profiles and pages with adware, spyware and Trojans, malware authors are cashing in on their popularity. They are also collating personal information divulged online to formulate virtual twin identities for fraudulent purposes.
Data is continually exposed without the need for sophisticated attacks. Password proliferation for consumer and work devices means often simple guesswork unlocks the door; and removable media devices like USB sticks make it easier to steal inside information.
Botnets are now the preferred method for Internet thieves to launch attacks. At least 12 million computers around the world are now compromised and are used for phishing schemes, illegal spamming, spreading pornography and stealing passwords and identities.
Smartphones and multifunctional mobile devices are making portable computers essential lifestyle accessories and cybercriminals will increasingly mine them for valuable information in the coming months. The increasing use of Bluetooth and VoIP will also lead to a new generation of phone hacking.
|
|
|
|
