| Cybercrime cost $400 billion in 2004 with 2,000 new threats emerging each month compared to 300 two years ago, says a new report from McAfee. According to the McAfee Virtual Criminology Report: North American Study into Organized Crime and the Internet, 85% of malware (malicious software) is now being written to make a profit. Here are some of the key findings from the report. The timing of the increase in cybercrime comes as more people and information are online. E-commerce reached $70 billion in the US in 2004, representing a 24% increase from the previous year, and approximately one third of the US workforce or 50 million people are now online. Almost half of the Internet users in Canada and the US - approximately sixty million residents of North America - have online bank accounts. As a result cybercrime has evolved into a very professional activity. Online fraud can be divided into 7 main categories: - Extortion - cybergangs threaten to disrupt a company's network or steal corporate information if the does not pay a ransom or "security consultant" fee to an off-short bank account.
- Reputation damage - the defacement of a company website can damage reputations and interrupt sales. The threat of defacement is sometimes used as part of an extortion scheme.
- Fraud - there are many forms of fraud, from the Nigerian scams where an alleged wealthy individual with tens of millions of dollars asks for help getting money out of their country to fake stock promotion in online chat rooms. Another recent example would be the criminal who sent fake emails that claimed to be the Red Cross soliciting donations after the terrorist attacks in London; the emails did not originate from the Red Cross and any money donated went to a criminal, not the relief effort.
- Phishing - this occurs when a criminal pretends to be an organization that manages your money and/or personal information, such as a bank, credit card company, retailer or auction website. It usually starts with an urgent email insisting that you update your information; when the user clicks on the email they are taken to a website that looks identical to the real site. Psychological manipulation is an important aspect of this type of crime. Users are often tricked into thinking that they are about to have their personal information stolen, which urges them to take action that they think will prevent the theft.
- Service disruption - these are Internet attacks designed to take out a key corporate service such as email. Viruses and computer worms are often used to carry out these attacks, and the threat of disruption may be used as part of an extortion scheme.
- Information theft - with this type of information theft criminals steal information - credit card numbers, personal data or corporate information - by hacking into databases or corporate networks. The report notes that while reports of information theft are declining, this can be one of the most damaging forms of cybercrime that a company can face.
- Money laundering - the Internet has made it easy to conduct banking operations across borders. While transactions can be traced, the sheer volume of transactions, the anonymity and a lack of consistent record-keeping make this form of money laundering attractive to criminals and terrorists.
The international nature of the Internet is a significant challenge to those fighting cybercrime. Laws vary from country to country and there are many challenges when collecting digital evidence. Criminals targeting consumers or businesses in North America may never set foot on North American soil.
Readmore...
| 
No comments:
Post a Comment