HOME Technology Dec 2011
Botnet armies advancing

Cyber threats costly and mobile

 “Symantec estimates more than 868,206 New Zealanders were scammed this year, resulting in $NZ288.2 million in direct financial losses plus $NZ 337.3 million to resolve and recover.”

No matter what new device, application or online service we use to download, connect and communicate, cybercriminals are right there in the digital slipstream looking to exploit our vulnerabilities.

Scams continued to escalate this year from cold-calling ‘support’ companies looking to compromise our computers to hacked email accounts urgently seeking cash for ‘friends’ in trouble and fake requests from banks or ISPs demanding log-in details to prevent account closure.

With a little common sense these cons can be consigned to the trash but the perpetrators are persistent and their methods and the tools they use increasingly covert and convincing.

Internet safety group NetSafe, claims New Zealanders lost more than $750,000 over the past year through online ‘incidents’; 60 percent through phishing attacks, advanced fee frauds and romance scams.

That number is highly conservative, as victims are often too embarrassed to report cybercrime. The NetSafe Orb site (www.theorb.org.nz) provides a less threatening way to name, shame and shut down scammers. In its first year around 1700 incidents were reported.

High cost to fix

Even more sobering is Symantec’s Norton Cybercrime Report, claiming 72 percent of adult New Zealanders were victims of cybercrime and 8 percent were stung through their mobile phone in 2011. 

Symantec estimates more than 868,206 New Zealanders were scammed, resulting in $NZ288.2 million in direct financial losses plus $NZ 337.3 million to resolve and recover.

It alleges cybercrime and recovery worldwide costs $US388 billion – $US100 billion more than the global black market in marijuana, cocaine and heroin combined – with around a million victims every day.

And Symantec found more than 286 million unique variations of malicious software, up nearly 20 percent on the previous year. After a lull in email spam and scams, there was a sudden burst of activity in September with 72 percent of infections considered aggressive.

big scare came in June when it was learned a supercharged botnet known as TDL-4, described as “hard to detect, delete, suppress or eradicate” and “virtually indestructible”, had infected more than four million PCs in just three months.

Kaspersky Labs says the encrypted botnet, which links infected computers into a global peer-to-peer network controlled by criminals, continues to propagate with its creators making it even more robust in October.

Meanwhile security threats for cellphones and mobile devices increased sharply. Juniper Research reported a 400 percent increase in attacks on Google’s Android operating system to June.

Mobile scams included billing, spyware, search engine poisoning, pay-per-click and pay-per-install schemes, adware, fake security products and stealing and selling identities and banking details.

Despite the threats, Juniper believed less that one twentieth of smartphones and tablets had third party security software installed.

Personal responsibility

Safe online activity is about taking personal responsibility. One international survey showed 41 percent of adults did not have current security software; less than half checked credit card statements for potential fraud and 61 percent failed to use complex passwords or regularly change them to protect phones or PCs.

Geoff Cossey from Chillisoft, which sells eSet security software, confirms identity theft by organised criminals trying to extort money remains the biggest threat with a growing incidence of public email accounts being hijacked.

He said this is often through criminals requesting new passwords, guessing at obvious password clues, then locking owners out.
Without current security profiles, the risk from infected sites downloading key-loggers to record email, website and bank account details, escalates.

Although it might be a pain updating security software, Cossey says it’s essential. “There’s no point in putting your seatbelt on if the brakes don’t work.”

  Back2front    General Interest Webzine