Cyber criminals are setting snares that move at the speed of news.
Panda Security, a Spain-based antivirus maker, has been monitoring an onslaught of links with malicious software, or “malware,” on Twitter that tag hot topics such as the Air France crash, the NBA finals, “American Idol” runner-up Adam Lambert and the new iPhone. “Cyber criminals have been targeting Twitter users by creating thousands of messages (tweets) embedded with words involving trending topics and malicious URLs,” Sean-Paul Correll, a threat researcher for Panda Labs, wrote recently on a blog for the company. The growing sophistication of malware attacks mirrors the growing threat — and cash — generated by online crime. Already, cyber crime is estimated to cost companies and consumers more than $100 billion worldwide. Some officials claim it has now eclipsed illegal drugs as a criminal moneymaker. “It’s very seldom reported … if discovered by companies, they generally don’t want the public to know they’ve been had,” said Eugene Spafford, a computer security specialist at Purdue University who has advised two U.S. presidents and numerous companies and government agencies. Cyber crime is one of the few industries benefiting from the financial crisis. Last year, antivirus maker McAfee saw a 500 percent increase in malware types — more than the company had seen in the previous five years combined. In the United States, the FBI reported a 33 percent increase in Internet crime last year. Companies lost an average of $4.6 million in intellectual property last year, according to a survey of 1000 firms worldwide by Purdue University and McAfee. “As the economy has declined, we’ve seen the threat landscape increase,” David DeWalt, president and CEO of McAfee, recently told Richard Quest for CNN International’s “Quest Means Business.”
In digital age, can movie piracy be stopped
Internet crime jumps by a third
That increase has helped antivirus makers such as McAfee snare record returns — the company’s first quarter profits were 21 percent higher than same period last year. But companies and governments find themselves in a losing war with Web-savvy criminals, experts say. “The fundamental fact is cyber criminals are highly organized with sophisticated corporate structures and business chains,” said Michael Fraser, director of the Communications Law Centre at the University of Technology Sydney in Australia. “They have R&D departments, strong distribution networks and Web sites for the discerning cyber criminal,” Fraser said. On these Web sites, would-be criminals can purchase toolkits to learn how to side step security measures or create their own “botnet” — referring to software that can, unbeknownst to victims, turn their computers into spamming foot-soldiers for criminal networks. One Web site advertises software that can capture information for a popular Internet secured-payment provider for $500 — discounted to $400 for the first 100 buyers. Skimmed credit card numbers and other personal-identity information stolen from computers also can be found for sale on Web sites, Fraser said. “When police shut these Web sites down, they just mushroom up some other place,” he said. Although the techniques of cyber crime have evolved, online criminals pray on human vulnerabilities like criminals throughout the ages. In the digital age, that means tempting with free downloads, money schemes and pornography. The range of tools used by cyber criminals reveals the quick evolution of the industry. Viruses — the first generation of the computer culprits — are used for the computer equivalent of vandalism, as the malicious programs replicate, spread and damage computers. “When the company was set up, we were seeing two or three new viruses a week,” said Mahendra Negi, chief financial officer of Tokyo-based antivirus maker Trend Micro. “Now there’s a new one every two-and-a-half seconds. “With the arrival of spam in 2001 and 2002, the big difference was it was commercial malware,” Negi said. “Once money became involved, the level of sophistication raised a hundred-fold.” Now the biggest threats include “phishing” schemes and “botnet” attacks. Phishing is where criminals masquerade as a legitimate business or Web site and trick victims into revealing passwords, credit card information and other personal data. Botnet attackers commandeer personal computers as part of a large network of “zombie” computers that, on command, target companies for spam attacks to cripple IT capabilities. Botnets — some of which are large enough to deploy tens of billions of spam e-mails a day — are often used in extortion schemes. “They ring up the IT manager of a company and say, ‘Pay us a million or we’ll take you down’,” said Fraser, who has worked with companies victimized by botnet attacks. Companies often pay up and shut up, computer experts say, rather than report the crime and garner publicity that may hurt their corporate reputation. And unlike prankster virus-makers, these malware makers are determined to stay hidden. “Once it became a business, then (cyber criminals) began to look at what companies like us were doing, and figure out weaknesses,” he said. “They are very customer friendly … they sell updates, they will highlight what the product does and what antivirus software can’t detect them. Adding to the difficulty is the legal situation that in many jurisdictions, it is not illegal to create or sell malware. “It’s like the arms industry … it’s not a crime to build and sell them,” Negi said. And because of the transnational nature of the crime, it’s extremely difficult to prosecute. A scan of 500 headlines on Internet-related arrests from newspapers around the world the past two years found about 90 percent were related to child-pornography cases. “Child pornography is easier to prosecute because it is possible to find the evidence on the perpetrator’s computer systems,” said Spafford of Purdue University. Cyber-criminal networks are as porous as the Internet itself. “There are multiple jurisdictions and unless it’s an ongoing crime that uses the same path all the time, the trail goes cold quickly,” Spafford said. “I may be able to trace back to a computer system, if I’m lucky, or trace it back to a cyber cafe — but how do I know who was behind it” Often criminal networks are run in countries such as Russia and China, where government officials turn a blind eye to these activities — so long as their victims reside outside the host country, Spafford said. “For the host countries, that’s dangerous … it’s kind of like breeding tigers in the back yard and saying, ‘Well, they haven’t hurt anyone here yet,'” he said. “Mexico is a wonderful example … they tolerated drug smugglers for years, and now it’s such a major problem and incredibly painful and costly to run them out. “I’m not saying (cyber criminals) are involved in physical violence, but it’s not out of the realm of possibility,” he said. “What are they doing with all that money”