[ insider_reports_insider ]
Life Is Cheap Online
David Utter
Staff Writer
2007-03-20
 Insider Reports RSS Feed
Symantec said in its latest Internet Security Threat Report, for the period of July through December 2006, that the access to essential details about a person's identity could be had for a low price of $14.
 | | Life Is Cheap Online |  |
The myriad threats posed by online criminals became worse as they have started to organize in ways that would make the old Mafia proud. Bugsy Siegel had nothing on the crooks working in concert to steal financial information.
Symantec's newest report paints a picture of cybercrime that is so scary and bleak, it might make people long for the days where the Olivetti manual typewriter represented the pinnacle of communicating with others. To be very blunt, there are a lot of computer users out there who should be restricted to the MS25 Premier Olivetti model until they learn not to click on links in email.
The report found that 93 percent of all targeted attacks focused on home computer users. That has reaped rewards for criminals, whose command and control bots on infected PCs in the US account for 40 percent of the global total.
With Symantec now tracking 'Underground Economy Servers,' they found 51 percent of these operating in the US, which also accounted for thirty-one percent of all malicious activity that took place for the six-month period measured.
Those Underground Servers facilitate a thriving black market of personal information. Life is very cheap on the Internet there. Credit cards with card verification numbers go for between $1 and $6, while full-fledged identities trade for $14 to $18 each.
Computer breaches that resulted in data theft caused many of the problems seen by Symantec. Government operated computers suffered so many breaches that they accounted for a quarter of all identity-theft related ones. That was more than any other sector for the period.
The trend of attacking applications rather than operating systems to force those breaches throughout various sectors of computing continues to appeal to criminals. Symantec explained:
Instead of exploiting high-severity vulnerabilities in direct attacks, attackers are now discovering and exploiting medium-severity vulnerabilities in third-party applications, such as Web applications and Web browsers.
Those vulnerabilities are often used in 'gateway' attacks, in which an initial exploitation takes place not to breach data immediately, but to establish a foothold from which subsequent, more malicious attacks can be launched.
Cross-site scripting attacks span operating systems and browsers. Phishing attacks attempt to lure people via spam to places where those attacks can be executed. When they succeed, they usually end up grabbing some kind of financial information.
Sometimes spam leads people who click on links to sites that download Trojans to their system. If this happens, the Trojan can open a backdoor for bot activity, or fire up a spam engine and send messages out to many more people.
Even though some consider the Symantec report to be a tool that serves its needs, to spur demand for security applications, the threats they account for do exist, and have been exploiting people for financial gain. Don't let the messenger derail the message, and please stop clicking on links in emails from untrusted senders.
---
Tags: Symantec, Internet, Threat, Security, Report
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
RSS
Archive
Contact Us
Advertise
