For online security professionals, 2012 is turning out to be a banner year. Prominent hacks are taking place nearly every week. Credit card fraud and piracy on the Internet are booming. Hacktivist attacks against government computers and private companies are occurring almost daily. Big-name government agencies and businesses everywhere are shelling out for security assistance ... but for everyday Internet users, it's a giant headache with unclear risks.
The one thing no one is really able to explain is why cybercrime's booming. According to a recent Norton Study, cybercrime cost the global economy (in both direct damage and lost productivity time) $388 billion in 2011--significantly more than the global black market for marijuana, cocaine, and heroin combined. Officials at the Department of Homeland Security have reported exponentially increasing demand for cybercrime assistance --something confirmed by this reporter in anecdotal discussions with online security experts.
Every single expert has a different theory. Some say it's due to a global economy that's putting programmers out of work and turning them rogue. Others say it's the easy availability of computers in poor regions of the world where job prosects are few. Then others say it's simply that scripts and DDoS attacks have democratized cybercrime.
DDoS attacks--and their first cousins, botnets--are one of the biggest culprits. Most DDoS attacks are amazingly simplistic; they are denial-of-service attacks frequently made via software that requires no programming or IT knowledge. Botnets are impromptu networks of Internet-connected computers turned rogue via malware. Once a computer is compromised, they can be used for everything from financial fraud to knocking websites offline. Reached by email, Carl Herberger of security firm Radware put much of the blame on hacktivists such as Anonymous.
"The motive for attacks has changed and this new motive brought with it new tools and attack techniques," Herberger tells Fast Company. "These new motives--frequently called 'Hacktivism'--are in a new category which will go down in the record books as one of the most active periods of cyberattacks in the history of information security. Given the current efficacy of ideologically-based multi-vulnerability attacks such as WikiLeaks revenge attacks of 2010 and the Sony attacks of 2011, we believe this will only serve to encourage even more actors to enter the picture and spawn a vicious cycle of future malicious activity.”
While the idea that politicized groups such as Anonymous are malicious and/or criminals is controversial, many security experts agree with Herberger. At the recent Kaspersky Lab Cyber Conference in Cancun, CEO Eugene Kaspersky compared hacktivists to radicals who plant car bombs and commit arsons in the name of ideology. Similar alarms were raised in an end-of-year letter from risk management firm Stroz Friedberg, which largely conflated hacktivism with threats like state-sponsored data theft and zero-day exploits.
As for state-sponsored data theft, the New York Times just reported on the lengths to which American companies go to avoid Chinese Cyber Espionage American businesspeople, consultants, and politicians working in China avoid bringing their work computers into the country and use throwaway mobile phones--to name the most common tricks--in order to avoid the loss of business secrets to state-sponsored corporate spies. While China is the most blatant nation-state to engage in spying on foreign businesses for the benefit of homegrown companies, it isn't uncommon. Russia, France, Israel, Taiwan, and others have also been alleged to engage in the process.
Still The World of Malware,Bots, Cyber Espionage, Piracy and many more has become a center of attraction.
Stay Safe
Thanks to - NEAL UNGERLEIDER for this wonderful article
No comments:
Post a Comment