Monday, September 17, 2007
Cybercrime is Big Business
We all know that the internet practically created something from nothing. It changed the economy and the way we do business. Between communicating in nano seconds in several flavors from instant messaging, to email to video conferencing on a budget of pennies, to the darker side.
Symantec has produced a report on cybercrime. This underground economy is very advanced. They have their own auction sites selling confidential data such as credit card numbers and Social Security numbers. They also sell toolkits so that little computer science knowledge is needed to execute sophisticated attacks and malware program installations on other's machines. Symantec reports this is now a multi-billion industry.
Cogs are developing in this underworld as one part of the thievery works another. As an example, three phishing toolkits were used to develop 42% of the phishing attacks in the first half of this year. These toolkits are created and sold to the users executing them. 86 percent of the phishing websites were hosted on only 30 percent of the IP addresses. Does this mean there is a market catering to the phishers? There seems to be more collaboration between the criminals who know how to mine personal, confidential data out of online job sites with those phishing and spamming.
Symantec sees these well crafted attacks growing. William Beer, Symantec's European director of security practice said many attacks are aimed at small financial institutions. "Attention has gone away from the larger banks down to credit unions and small banks that do not have the people and resources to fight off the attacks," he said. "Even the smallest bank has enough money," said Mr Beer.
Large or small, all banks need to prepare reaction plans not only for data breaches, but for phishing attacks, attacks on their web sites and for potential hacking.
We all know that the internet practically created something from nothing. It changed the economy and the way we do business. Between communicating in nano seconds in several flavors from instant messaging, to email to video conferencing on a budget of pennies, to the darker side.
Symantec has produced a report on cybercrime. This underground economy is very advanced. They have their own auction sites selling confidential data such as credit card numbers and Social Security numbers. They also sell toolkits so that little computer science knowledge is needed to execute sophisticated attacks and malware program installations on other's machines. Symantec reports this is now a multi-billion industry.
Cogs are developing in this underworld as one part of the thievery works another. As an example, three phishing toolkits were used to develop 42% of the phishing attacks in the first half of this year. These toolkits are created and sold to the users executing them. 86 percent of the phishing websites were hosted on only 30 percent of the IP addresses. Does this mean there is a market catering to the phishers? There seems to be more collaboration between the criminals who know how to mine personal, confidential data out of online job sites with those phishing and spamming.
Symantec sees these well crafted attacks growing. William Beer, Symantec's European director of security practice said many attacks are aimed at small financial institutions. "Attention has gone away from the larger banks down to credit unions and small banks that do not have the people and resources to fight off the attacks," he said. "Even the smallest bank has enough money," said Mr Beer.
Large or small, all banks need to prepare reaction plans not only for data breaches, but for phishing attacks, attacks on their web sites and for potential hacking.
Wednesday, September 12, 2007
The Iceman Cometh
In this version the Iceman is Max Ray Butler, 35, of San Francisco. And he is going to Pittsburgh, PA for arraignment. Butler used the aliases "Iceman," "Aphex," "Darkest" and "Digits" on the internet. He could face 40 in prison and a $1.5 million fine.
Butler operated a web site with an online forum facilitating the theft and sale of credit card numbers. He also stole the credit card and identity information of tens of thousands of people. Witnesses said they had seen Butler in a hotel where he would go from room to room using a high powered antenna so he could intercept wireless signals. He would then hack into financial institutions and credit card processing centers to steal the information.
In the complaint, one witness said he purchased tens of thousands of cards from Butler. Butler sold these for several hundreds of dollars per batch. Butler is charged in PA on three counts of wire fraud and two counts of transferring stolen identity information as a participant in the investigation there bought 100 credit card numbers and related information from Butler.
In this version the Iceman is Max Ray Butler, 35, of San Francisco. And he is going to Pittsburgh, PA for arraignment. Butler used the aliases "Iceman," "Aphex," "Darkest" and "Digits" on the internet. He could face 40 in prison and a $1.5 million fine.
Butler operated a web site with an online forum facilitating the theft and sale of credit card numbers. He also stole the credit card and identity information of tens of thousands of people. Witnesses said they had seen Butler in a hotel where he would go from room to room using a high powered antenna so he could intercept wireless signals. He would then hack into financial institutions and credit card processing centers to steal the information.
In the complaint, one witness said he purchased tens of thousands of cards from Butler. Butler sold these for several hundreds of dollars per batch. Butler is charged in PA on three counts of wire fraud and two counts of transferring stolen identity information as a participant in the investigation there bought 100 credit card numbers and related information from Butler.
