Cyber criminals are setting snares that move at the speed of news.
Panda Security, a Spain-based antivirus maker, has been monitoring an onslaught of links with malicious software, or “malware,” on Twitter by tagging hot current topics such as the Air France crash, the NBA finals, “American Idol” runner-up Adam Lambert and the new iPhone. “For the past week, cyber criminals have been targeting Twitter users by creating thousands of messages (tweets) embedded with words involving trending topics and malicious URLs,” wrote Sean-Paul Correll in a threat surveillance blog for Panda Labs. The growing sophistication of malware attacks mirrors the growing threat — and cash — generated by online crime. Already, cybercrime is estimated to cost companies and consumers more than $100 billion worldwide. Some officials claim it has now eclipsed illegal drugs as a criminal moneymaker. “It’s very seldom reported … if discovered by companies, they generally don’t want the public to know they’ve been had,” said Eugene Spafford, a computer security specialist at Purdue University who has advised two U.S. presidents and numerous companies and government agencies.
Dangerous Internet search terms
Obama creates top job for online security
Cybercrime is one of the few industries benefiting from the financial crisis. Last year, antivirus maker McAfee saw a 500 percent increase in malware — more than the company had seen in the previous five years combined. In the United States, the FBI reported a 33 percent increase in Internet crime last year. Companies lost an average of $4.6 million in intellectual property last year, according to a survey of 1000 firms worldwide by Purdue University and McAfee. “As the economy has declined, we’ve seen the threat landscape increase,” David DeWalt, president and CEO of McAfee, recently told Richard Quest for CNN International’s “Quest Means Business.” Watch Quest interview with McAfee boss » That increase has helped antivirus makers like McAfee snare record returns — the company’s first quarter profits were 21 percent higher than same period last year. But companies and governments find themselves in a losing war with Web-savvy criminals. “The fundamental fact is cyber criminals are highly organized with sophisticated corporate structures and business chains,” said Michael Fraser, director of the Communications Law Centre at the University of Technology Sydney. “They have R&D departments, strong distribution networks and Web sites for the discerning cyber criminal,” Fraser said. On these Web sites, would-be criminals can purchase tool kits to learn how to side-step security measures or create their own “botnet” — referring to software that can, unbeknownst to victims, turn their computers into spamming foot-soldiers for criminal networks. One Web site advertises software that can capture information for a popular Internet secured payment provider for $500 — discounted to $400 for the first 100 buyers. Skimmed credit card numbers and other personality identity information stolen from computers also can be found for sale on Web sites, Fraser said. “When police shut these Web sites down, they just mushroom up some other place,” he said. Sophistication evolving Although the techniques of cybercrime have evolved, they pray on human vulnerabilities like criminals throughout the ages. In the digital age, that means tempting with free downloads, money schemes and pornography. The range of tools used by cyber criminals reveals the quick evolution of the industry. Viruses — the first generation of the computer culprits — are used for the computer equivalent of vandalism, as the malicious programs replicate, spread and damage computers. “When the company was set up, we were seeing two or three new viruses a week,” said Mahendra Negi, chief financial officer of Tokyo-based antivirus maker Trend Micro. “Now there’s a new one every two-and-a-half seconds. “With the arrival of spam in 2001 and 2002, the big difference was it was commercial malware,” Negi said. “Once money became involved, the level of sophistication raised a hundred-fold.” Now the biggest threats include “phishing” schemes and “botnet” attacks. Phishing is where criminals masquerade as a legitimate business or Web site and trick victims into revealing passwords, credit card information and other personal data. Botnet attackers commandeer personal computers as part of a large network of “zombie” computers that, on command, target companies for spam attacks to cripple IT capabilities. Botnets — some of which are large enough to deploy tens of billions of spam emails a day — are often used in extortion schemes. “They ring up the IT manager of a company and say, `Pay us a million or we’ll take you down’,” said Fraser, who has worked with companies victimized by botnet attacks. Companies often pay up and shut up, computer experts say, rather than report the crime and garner publicity that may hurt reputation. And unlike prankster virus-makers, these malware makers are determined to stay hidden. “Once it became a business, then (cyber criminals) began to look at what companies like us were doing, and figure out weaknesses,” he said. “They are very customer friendly … they sell updates, they will highlight what the product does and what antivirus software can’t detect them. Adding to the difficulty is, in most jurisdictions, it is not illegal to create or sell malware. “It’s like the arms industry … it’s not a crime to build and sell them,” Negi said. And because of the transnational nature of the crime, it’s extremely difficult to prosecute. A scan of 500 headlines on Internet-related arrests from newspapers around the world the past two years found about 90 percent were related to child pornography cases. “Child pornography is easier to prosecute because it is possible to find the evidence on the perpetrator’s computer systems,” said Spafford of Purdue University. Cyber criminal networks are as porous as the Internet itself. “There are multiple jurisdictions and unless it’s an ongoing crime that uses the same path all the time, the trail goes cold quickly,” Spafford said. “I may be able to trace back to a computer system, if I’m lucky, or trace it back to a cyber café — but how do I know who was behind it” Often criminal networks are run in countries like Russia and China, where government officials turn a blind eye to these activities — so long as their victims reside outside the host country, Spafford said.
“For the host countries, that’s dangerous … it’s kind of like breeding tigers in the back yard and saying, ‘well, they haven’t hurt anyone here yet’,” he said. “Mexico is a wonderful example … they tolerated drug smugglers for years, and now it’s such a major problem and incredibly painful and costly to run them out. “I’m not saying (cyber criminals) are involved in physical violence, but it’s not out of the realm of possibility,” he said. “What are they doing with all that money”