Académique Documents
Professionnel Documents
Culture Documents
CRIMINOLOGY REPORT
ORGANISED CRIME AND THE INTERNET
December 2006
© McAfee 2006
CONTENTS
INTRODUCTION
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
SECTION THREE
THE INSIDERS: THE NEW THREAT TO CORPORATES
SECTION FOUR
FUTURE CHALLENGES
REFERENCES
01
INTRODUCTION
GREG DAY, MCAFEE SECURITY ANALYST
“It’s been dubbed Web 2.0 or the internet’s second
wave. Millions of people are now harnessing the
In 2005, the McAfee Virtual Criminology Report FROM BEDROOM LONERS TO COMMUNAL internet to network with each other socially, create
revealed how European cybercrime had expanded and share content and buy products and services in
CAFES
from geeks in their bedrooms to organised even greater amounts. So too is organised crime.
cybercrime gangs. The report examines how cyber criminals are moving
Organised crime is seizing the potential of the digital
away from bedrooms and into public places such as
The McAfee report, the first to examine organised space we live our lives through today for financial
Internet cafes and Wi-Fi enabled coffee shops.
crime and the Internet, highlighted how old-style gain.The increasing take-up of broadband and new
crime gangs were going hi-tech and replacing Experts across the globe recognise the growth of technologies such as voice over internet (VoIP) services
baseball bats with botnets to carry out systematic cybercrime. Dave Thomas, Section Chief, FBI Cyber present new opportunities for hi-tech criminals.
and professional cyber crimes. Division, says “If you have people reading in the
Cybercriminals are not standing still either.
media that other people are making a lot of money
A year on and cybercrime represents the fastest- from cybercrime – and if they have criminal intent – They are developing faster, stealthier and more
growing category of crime globally. then they are definitely going to also take that path.” resilient methods such as ransomware to target new
Cybercrime is no longer in its infancy, it is now big and unsuspecting victims such as home PC users and
The threat of cybercrime to businesses and individuals
business. Organised crime is capitalising on every small businesses.
continues to increase at a staggering rate. In July
opportunity to exploit new technology to perform 2006, McAfee researchers reported that over 200,000 The security industry has also not stood still. Today,
classic crimes such as fraud and extortion to make online threats had been detected. It took 18 years to global viruses like Mydoom and Sober are no longer
money illegally. And they are targeting businesses reach the first 100,000 (2004) and only 22 months to effective means of causing mass infection. So
and individuals alike. double that figure. McAfee’s researchers expect it to cybercriminals are using more subtle and sophisticated
Organised crime gangs may have less of the expertise double yet again in a similar timeframe. Organised methods that are harder to detect. As such, proactive
and access needed to commit cybercrime but they crime has realised the potential of making money protection is becoming imperative – it is the only way
have the financial clout to buy the right resources and through the Internet as we move forward into our to offer users absolute confidence.
operate at a highly professional level. cyberworlds.
As the largest dedicated security company in the
NEW GENERATION GROOMED FOR CYBERCRIME Commissioned by McAfee and with contributions from world, McAfee is at the forefront of enabling
Robert Schifreen, expert author of the best-selling consumers and businesses to better understand the
The new research reveals how organised crime is book Defeating the Hacker, law enforcement agencies risks they face online - showing them the best ways
grooming a new generation of high-flying and cybercrime experts across the globe, the second they can take a proactive approach to securing the
cybercriminals using tactics which echo those McAfee Virtual Criminology Report shows how hi-tech things that matter most to them, including their
employed by the KGB to recruit operatives at the crime is developing and looks into the future threat identity and personal belongings such as digitally
height of the cold war. this activity poses to home computers as well as to archived photos and music.
government infrastructure and corporate
TEENS AS YOUNG AS 14 ATTRACTED BY CULT OF organisations.
McAfee has worked with leading hi-tech enforcement
CYBERCRIME experts and agencies across Europe and the US over
the past five months to reveal its second study into
The study also reveals how internet-savvy teens as organised crime and the Internet. The study
young as 14 are being attracted into cybercrime by the underlines how vigilant we should all be as new
celebrity status of hi-tech criminals and the promise of technologies propel our usage of the Internet but also
making money without the risks associated with provides new opportunities for hi-tech criminals.”
traditional crime.
02
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
03
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
As a result, cybercrime has established a cult Gary claims his inspiration to become a hacker came
following, with online offenders rising almost to from watching the movie WarGames when he was 17
celebrity status within hacking communities. years old. He thought, “Can you really do it? Can you
really gain unauthorised access to incredibly
Virus writers, hackers and other malware authors have interesting places? Surely it can’t be that easy.” And so
well-publicised conferences and seminars where they he gave it a try.
showcase their methods to highlight potential security
issues. But as well as revealing potential security issues, SPOTLIGHTING CYBERCRIME
they also expose vulnerabilities and the opportunity • Defcon, the annual hacker gathering in Las
for criminals and black hat activities. Vegas: Attendees were encouraged to hack their
entrance badges
• The Blackhat Security Conference: Microsoft
encouraged hackers to take their best shot at its new
operating system, Windows Vista
• Hack in the Box – labelled as ‘the most intimate of
the hacker conferences’
04
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
05
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
While the vast majority of content online has fostered Robert Burls MSc, Detective Constable, Metropolitan Police
Computer Crime Unit
a sprit of enterprise and sharing of information and
knowledge for good, it has made it easy for
06
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
HOW ORGANISED CRIME IS GROOMING THE In the words of former KGB Maj. Gen. Oleg Kalugin: CASE STUDY: POTENTIAL TARGETS OF
NEXT GENERATION OF CYBERCRIMINALS “If you can find a young person, perhaps a student, CYBERGANGS
before his opinions have fully matured, then make
“Cybercriminals need not only IT specialists – they him truly believe in your cause, he will serve you for
need people that can launder money, people that can many years.”
4
specialise in ID theft, someone to steal the credit In June 2006, researchers surveyed 77 computer
numbers, then hand it off to someone who makes In some cases, organised crime gangs are going even science students at Purdue University, USA, using an
fake cards. This is certainly not traditional organised further to sponsor eager would-be hackers and anonymous, web-based questionnaire. Students were
crime where the criminals meet in smoky back rooms. malware authors to attend information technology asked whether they had indulged in one of several
Many of these cybercriminals have never even met university courses to further their expertise. Criminals “deviant” computer acts, some of which could be
face-to-face, but have met online. People are openly are also earmarking university students from other classified as illegal.
recruited on bulletin boards and in online forums disciplines and supporting them financially through These activities were guessing or using another
where the veil of anonymity makes them fearless to their studies with a view to them gaining employment person’s password, reading or changing someone
post information.” with, and inside access to, target organisations else’s files, writing or using a computer virus,
and businesses. obtaining credit card numbers and using a device to
Dave Thomas, Section Chief, FBI Cyber Division
obtain free phone calls.
Although organised criminals may have less of the
expertise and access needed to commit cybercrimes, The number of IT students who admitted to such
they have the funds to buy the necessary people to do behaviour was high. Of 77 students, 68 admitted to
it for them. engaging in an activity that could be classified as
5
deviant.
In an echo of the KGB tactics employed during the
cold war to recruit operatives, organised crime gangs
are increasingly using similar tactics to identify and
entice bright young net-savvy undergraduates.
Organised crime gangs are starting to actively recruit
skilled young people into cybercrime. They are
adopting KGB-style tactics to recruit high flying IT
students and graduates and targeting computer
society members, students of specialist computer skills
schools and graduates of IT technology courses.
At the height of the cold war, potential KGB
operatives were often identified by skimming trade
journals for expert names, checking trade conferences
attendees or were approached out of the blue on
university campuses.
07
FROM PURISTS TO PROFITEERS: THE INNOVATORS
THE CYBERCRIME FOOD CHAIN Who? Focused individuals who devote their time to finding security holes in systems or
exploring new environments to see if they are suitable for malicious code
Perpetrators of cybercrime today range from the
amateurs with limited programming skills who rely on Why? The Challenge
pre-packaged scripts to execute their attacks, right
How? Embrace the challenge of overcoming existing protection measures
through to the well-trained professional criminals who
and seek to break in through the back door
are armed with all the latest resources.
Danger Rating: Low
These purists, the ‘elite threat authors’, only make up 2% of the hacking
and malware author population
THE INSIDERS
Who? Disgruntled or ex-employees, contractors and consultants
Why? Revenge or petty theft
How? Take advantage of inadequate security, aided by the
privileges given to their positions within the workplace
Danger Rating: High
This group is a growing and serious security problem
08
SECTION ONE
CYBERCRIME: A NEW GENERATION OF CRIMINALS
09
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING
FROM THE INTERNET
Online crime has changed dramatically in recent years. FROM BEDROOM LONERS TO CAFE CRIMINALS
The previously common and global virus events are
The stereotypical view of lone cybercriminals
now all but a thing of the past. In the first half of
operating out of their bedrooms is no longer a valid
2004, 31 virus outbreaks were rated medium and
one. Nowadays, they are to be found right in the
above. The second half of 2004 saw 17 more. That
public eye. But rather than opening themselves up for
number fell to 12 for the whole of 2005 and in 2006
discovery they are covering themselves with an
there have been no outbreaks of comparative severity.
invisible cloak.
The focus has turned towards altogether stealthier
Hackers and malware authors traditionally worked
and more targeted means of attack.
from the hidden depths of their homes because they
Cybercriminals are refining their means of deceit and needed access to a telephone line for modem-to-
the victims they are targeting. Evolving their modem communications. But the Internet, its
techniques and targets allows them to stay one step popularity and its pervasiveness, has changed all that.
ahead of detection. They can access the Internet in a cybercafé, university,
library, telephone kiosk, from a PDA or mobile phone
KEY TRENDS OVER THE PAST YEAR INCLUDE: – or even by stealing bandwidth from any unprotected COVERT COMMUNICATIONS IN PUBLIC SPACES
• Moving away from bedrooms and into public Wi-Fi network that they happen to be parked near to.
places to avoid detection By using the Internet in a public place, cybercriminals
• Exploiting the new online social networking maintain crucial anonymity and avoid detection. Many Following the explosions in London on 7th July 2005,
explosion Internet cafes clean their computers by automatically the National Hi-Tech Crime Unit (NHTCU) contacted
rebooting the machines and wiping all non-standard JANET, the Joint Academic Network, which connects
• Targeting identities by employing new files between each customer. Anonymity is key and UK universities, colleges and schools.
techniques such as spear phishing tracks are more easily covered from a public location. The NHTCU suspected that the terrorists used a
• Targeting new technologies – mobile phones telecommunications system in the planning and
execution of their attack, and that universities may
and devices
have information on their networks that could assist in
• Targeting individuals and small businesses its investigations. The NHTCU requested that all data
be preserved.
• Criminal collaboration and the creation of
malware mafia families
10
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
SOCIAL NETWORKING: HOW CRIMINALS ARE But this also presents the perfect opportunity for SOCIALLY UNACCEPTABLE – SCAMS ON
TARGETING THE WEB’S SOCIAL NETWORKING criminals to embed spyware and adware within
downloads, capable of compromising PCs, tracking online
MYSPACE
EXPLOSION
behaviour or directing users to inappropriate content.
Since its beginning, the web has often been used Whole profiles can be developed for illegal purposes. In October 2005, the Samy worm was discovered on
as a tool to meet new people, but over the last popular community site MySpace.com. By exploiting
year the interaction between Internet users has vulnerabilities in the MySpace.com site, the worm
grown dramatically. added a million users to the author’s friends list.
Web 2.0, or the Internet model where content is Additionally, the malicious code would be copied into
created and shared, has given birth to some of the SOCIAL ENGINEERING IN PUBLIC COMMUNITY the victim’s profile, so that when that person’s profile
most popular websites the Internet has ever seen. SITES was viewed, the infection spread.
Sites like MySpace, Bebo, Friendster, Facebook and In summer 2006, a banner ad on MySpace
LinkedIn (a site used for business networking) have compromised almost 1.1 million computers. When
Just like with social networking sites like MySpace, the users opened the image, the hacker was given access
fuelled the social networking trend.
very openness of Wikipedia that allows users to freely to the infected PC. The spyware installation program
It’s a hugely powerful medium and people are just add or edit available content has made it an attractive contacted a Russian-language web server in Turkey
starting to grasp how effective it can be to link with target for virus authors to plant malicious code in that tracked the PCs on which the programme had
friends, or potential business associates. articles. been installed. The ad also attempted to infect users
of Webshots.com, a photo-sharing site.
By their very nature, these sites are vulnerable to In October 2006, a piece on the German edition of
misappropriation. There is a false economy of trust. Wikipedia was re-written to contain false information MySpace was also subject to a phishing scam in 2006.
People don’t present personal information to about a supposedly new version of the infamous The attack started when users were sent a link
strangers in the street, but building profiles online Blaster worm, along with a link to a supposed fix. In through an instant messaging program. The link was
mean that Internet criminals can instantly access a reality, the link pointed to malware designed to infect from someone in their contact lists, asking them to
mine of details – names and interests, pets and life Windows PCs. click the link to MySpace to view photos. The link led
stories. All of which help them to either take those to a fraudulent MySpace login page. Once the victim
An email was also mass spammed to German
identities directly to defraud, or understand entered their information, they were then
computer users requesting them to download the
personalities to better and more effectively target transparently logged into the real MySpace pages. But
security fix. The email was crafted to supposedly
phishing or adware scams. in the meantime, all their log-in information become
appear from Wikipedia, complete with an official
the property of the phisher.
The inclusion of music on MySpace has been one of Wikipedia logo.
the biggest reasons for the site’s success.
Unknown bands have demonstrated that social
networking sites can be an effective way of promoting
themselves. Artists like Lilly Allen and Arctic Monkeys
have used MySpace as a springboard.
11
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
CONTEMPORARY SCAMS: HOW CRIMINALS ARE An analysis of screensaver pages associated with the
TRICKING PEOPLE BY TOPICAL CROWD PLEASERS World Cup found that a high proportion of sites were
loaded with adware, spyware and malicious
Popular national and international news and sports downloads. Among the teams, Angola (24%), Brazil
events draw in the crowds – but now they attract the (17.2%) and Portugal (16.2%) rated especially highly,
cybercriminals too. Whether it’s via viral marketing, or while among the players, superstars Cristiano Ronaldo
just plain viruses, a topical subject header, website link of Portugal, David Beckham of England and
or download is capable of reaping in the rewards. Ronaldinho of Brazil posed a significant danger to
The 2006 World Cup generated exactly this sort of fans.
criminal opportunity. Popular with millions world- IDENTITY THEFT: STEALING PERSONAL
wide, fans hunger for information proved insatiable.
INFORMATION TO DEFRAUD
Viruses using related messaging circulated fast and
furious; and thousands frantically downloaded score There has been a dramatic increase in the collection
spreadsheets and screensavers giving criminals almost methods used by criminals to steal personal identifier
instant and unsuspected presence on hundreds of information.
thousands of computers.
12
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
13
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
MIND GAMES: HOW CRIMINALS ARE and American financial institutions, and the targets
EMPLOYING INCREASINGLY DEVIOUS MEANS TO are changing almost daily.
TRICK PEOPLE INTO HANDING OVER MONEY
AND INFORMATION
“While virus and worm epidemics have been reduced
While cybercriminals continue to churn out attacks on – mostly as a consequence of improved tools for
larger institutions and en masse hits, the majority have detection and removal – phishing and pharming have
turned to subtler and more effective methods which become predominant means of attacks, especially
introduce the mind games and social engineering targeting banks.”
techniques that unravel not only chunks of data but
Professor Klaus Brunnstein, University of Hamburg
entire identities.
The e-commerce phish has also become more directed.
PHISHING FACTS
Much of the phish targeting popular online auction
2
• 17,000 phishing reports per month in 2006 sites appear as if they have been sent from another
3 user rather than from the auction site. For example,
• 40% in non-English language
many of the phish nowadays are fake messages
• 90% of people still don’t recognise well- claiming that you bought an item and have not paid,
4
constructed phish or the other user has raised a dispute against you, or is
enquiring about an item for sale.
Phishing - the act of sending an email to a user falsely
claiming to be an established legitimate enterprise in In February 2006, the various ‘update your account
an attempt to scam the user into surrendering private information’ phish accounted for 90% of the ebay
information that will be used for identity theft – is on phish, and 10% were other types. Now it is less than
the rise. But the nature of phishing attacks 50%.
isconstantly changing.
A less high-profile attack comes with the growing
Over the last year, McAfee has seen phishing emails number of spear-phishing messages. These look like
increase by approximately 25%. Fraudsters continue to they have come from employers or colleagues who
target the high profile banks, financial institutions and might feasibly send IT communications and include
e-commerce sites that they always have done but requests for user names or passwords. But the real
increasingly they are changing the content of the truth is that the email sender information has been
phishing mails away from the ‘update your details spoofed in an attempt to gain access to a company’s
now’ scams to a more varied and directed message. entire computer system.
In addition to attacking these well known companies,
fraudsters are increasingly targeting smaller European
14
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
MOBILE THREATS: HOW CRIMINALS ARE CASE STUDY: SMISHING UPDATING OLD TRICKS – SPAM BECOMES
EXPLOITING NEW TECHNOLOGY PICTURE PERFECT
“SMiShing” (phishing via SMS), is a recent Spam continues to remain one of the biggest
phenomenon that takes the concept and techniques of August 2006 saw the first example of a threat moving challenges facing Internet consumers, corporations,
phishing via email and translates it to text messages. from the PC environment into the mobile space with and service providers today - with the cost of spam
an attack that started as a simple mass mailing worm impacting bandwidth, delayed email, and employee
Episodes of this activity have been minimal to date but but was then turned into a SMiShing attack. productivity. Spammers continue to employ new
the nature of current attacks suggests that much of it tricks to avoid detection and open up new streams
has been authored by script kiddies looking to take The threat targeted two major mobile phone
operators in Spain, sending SMiSh messages free of revenue.
new code to standard execution. Now SMiShing has
become part of the cybercrime toolkit, there will be a of charge via randomly generated mobile phone Image spam has been significantly increasing and now
considerable rise in attempts over the coming months. numbers through the operators’ email-to-SMS many varieties of spam - typically pump and dump
service gateway and specifically targeting Nokia stocks, pharmacy and degree spam - are now sent as
As we become more reliant on our personal mobile Series 60 devices. images rather than text. In October 2006, image spam
devices outside of the home and office, SMiShing accounted for up to 40% of the total spam received,
stands as a clear indicator that cell phones and mobile It attempted to trick the victim into downloading free
‘anti-virus software’ from the operator. Users that compared to about 10% a year ago. Image spam is
devices will increasingly be used by perpetrators of typically three times the size of text-based spam, so
malware, viruses and scams. downloaded and installed the software from the link
found themselves infected with malware. this represents a significant increase in the bandwidth
used by spam messages.
Most of the code was in Spanish with some
German comments, illustrating that cybercrime Traditionally, spammers have also used well-known
knows no borders. top level domains (TLDs) such as .com, .biz or .info. But
now, by using top level domains from small island
countries, such as .im from the Isle of Man in the UK,
spammers attempt to avoid detection by using
domains previously unknown to spam filters. This
trend has been nicknamed ‘spam island-hopping’.
15
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
GLOBAL BOTNET ARMIES
Botnets – the jargon term for a collection of software
robots, or bots, which run autonomously.
HOW HOME USERS ARE BECOMING A
FAVOURITE TARGET FOR CRIMINALS BOTNET FACTS
In the 2005 McAfee Virtual Criminology Report it was • IRC BOTS grown from 3% – 22% of all malware
revealed how there had been a massive increase in (2004 – 2006)
extortion demands primarily targeting businesses
reliant on the Internet for their business. • Costs of protection can be more than ransom costs
16
SECTION TWO
HI-TECH CRIME: HOW ORGANISED CRIME IS PROFITING FROM THE INTERNET
17
SECTION THREE
THE INSIDERS: THE NEW THREAT TO CORPORATES
INSIDE THREATS
Most companies view security threats from an outside-
in perspective. There are, however, significant
Criminals cannot operate without opportunity. The
emerging threats to security that are not being
fast evolution of technology and the struggle of
introduced from external, unknown sources, but from
consumers and businesses to stay in step with the risks
employees themselves.
mean their prospects and profits are growing at a
rapid pace. Employee ignorance and negligence within the
workplace is opening up cracks for cybercriminals to
In terms of corporate IT security worries, top of the list
exploit. Lack of security attention and awareness by
right now is spyware as well as data theft using
employees means there is a high risk of malware,
devices such as USB sticks. Viruses, firewalls and spam
viruses, worms and Trojans being spread to the work
are, to a large extent, understood and under control.
network. It only takes seconds for an employee to
But detecting spyware centrally, and controlling the
attach an unprotected laptop or PDA to the work
use of USB sticks, is a real worry to companies both
network and seriously expose the whole environment
large and small, from a theft and confidentiality point
to infection. Few have any idea that their company
of view.
laptop may not have the latest security updates.
Workers are also bypassing their company security
procedures by attaching their own devices, such as
“One of the biggest challenges of today’s data-rich
iPods, USB sticks and digital cameras.
world is making the most of technology. Technology
provides an opportunity for offenders and also an INSIDER FACTS
opportunity for crime prevention. I have great faith in
the technology but much less faith in humans in being • Nearly a quarter of European professional workers
able to use it properly.” connect their own devices or gadgets to the
company network every day
Professor Martin Gill - Director of Perpetuity Research and
Consultancy International and a Professor of Criminology at • Nearly a quarter of European workers use their work
the University of Leicester laptop to access the internet at home
• A staggering 42% of Italian workers let family and
friends use work laptops and computers to access the
internet
• One in five Spanish workers download content
inappropriate content while at work
18
SECTION THREE
THE INSIDERS: THE NEW THREAT TO CORPORATES
DATA LEAKAGE
A key threat for companies is the ease of which data remotely access computers and execute code for
and information can be taken out of the company. instant access to information.
Criminals are realising that unsecured removable
media devices such as USB sticks provide an easy
means of carrying confidential and financially valuable “We believe that targeted attacks will continue to
information out of the workplace. grow in number, both for businesses and governments
(industrial and political espionage). We’re seeing office
Criminals are actively targeting employees or applications combined with social engineering
sponsoring under graduates. An insider puts a wealth techniques being used as vectors in these.”
of information in their hands, easily transferred and
virtually undetectable. They then hold the stolen data Erik de Jong, Project Manager Govcert.NL CONFIDENTIAL AND COMPACT INFORMATION
for ransom or sell it to the highest bidder. TRANSFER
This threat is set to worsen with the emergence of U3
sticks - if they are not secured. These new generation
devices can be booted from more easily and can carry In 2006, an almost full 1GB flash drive of classified US
installed applications that can be run directly from the Military information was apparently lost and later sold
stick, meaning that essentially it is possible to have at an Afghani bazaar outside a US air base.
your entire PC in your hand – or someone else’s. The flash memory drive, which a teenager sold for
$40, held scores of military documents marked secret,
CORPORATE ESPIONAGE:
describing intelligence-gathering methods and
Corporate espionage is big business. Data is often information — including escape routes into Pakistan
priceless property and can mean the make or break of and the location of a suspected safe house there, and
a company. Stealing trade secrets – information or the payment of $50 bounties for each Taliban or Al
contacts - is a lucrative money-spinner for Qaeda fighter apprehended based on the source’s
cybercriminals. As well as exploiting data leakage via intelligence.
new technologies and devices, criminals are finding
new ways to use keylogger programs to get
passwords, read email and keep track of a user
activity. Spyware writers are also using Trojans to
19
SECTION FOUR
FUTURE CHALLENGES
20
SECTION FOUR
FUTURE CHALLENGES
Smartphone sales have increased by 75.5% in the last personal information is on show and available for
year to 37.4 million units, and will grow by a further those identity thieves looking to build up their
1
66% during 2006. The growing prevalence of the pseudo-profiles.
multifunctional mobile in today’s society and which
Additionally, consumers who use web-based services
we hold as a natural lifestyle accessory which we
like loglines or Web browsers such as Firefox to view
effectively connect with - even more so than a
news feeds and blogs are vulnerable to embedded
computer – guarantees them a very real target for
malicious code that can install spyware, log keywords
identity and data cyber-thieves.
and passwords and scan networks and PCs for
EXPLOITATION OF INTERNET PHONE CALLS open ports.
21
THE CYBERCRIME EXPERTS AND LAW
ENFORCEMENT AGENCIES:
US: Board, an overseas representative on the ASIS NETHERLANDS:
FBI CYBER DIVISION International Academic Programs Committee and the GOVCERT.NL
ASIS International Security Body of Knowledge Task
The FBI’s cyber mission is four-fold: first and foremost, Force. With PRCI colleagues he is currently involved GOVCERT.NL is the Computer Emergency Response
to stop those behind the most serious computer with a range of projects related to different aspects of Team for the Dutch Government. Initiated by the
intrusions and the spread of malicious code; second, to crime in organisations and private security, this Ministry of the Interior and Kingdom Relations and
identify and thwart online sexual predators who use includes shop theft, frauds, staff dishonesty, burglary officially operational since June 5, 2002, it supports
the Internet to meet and exploit children and to reduction, robbery, the effectiveness of security the government in preventing and dealing with ICT-
produce, share, or possess child pornography; third, to measures, money laundering, policing, violence at related security incidents
counteract operations that target US intellectual work, to name but a few.
property, endangering national security and
competitiveness; and fourth, to dismantle national and GERMANY: GOVCERT.NL works independent of suppliers as a
transnational organized criminal enterprises engaging PROFESSOR KLAUS BRUNNSTEIN government organization, and are part of ICTU, the
in Internet fraud. Professor of Information Technology at the Dutch organization for information and
communication technology in the public sector.
UK: University of Hamburg
METROPOLITAN POLICE COMPUTER CRIME UNIT Professor Brunnstein is President of the council of the
“Notfall-Rechenzentrums für Großrechner in Banken,
The Computer Crime Unit is a centre of excellence in
Versicherungen und Industrie” in Hamburg, a role he
regard to computer and cyber crime committed under
has held since 1983. His areas of speciality are data
the Computer Misuse Act 1990, notably hacking,
protection, IT Security and computer viruses.
maliciously creating and spreading viruses and
Previously, Professor Brunnstein was a member of the
counterfeit software. The unit provides a computer
chairmanship of GI (Gesellschaft für Informatik) from
forensic duty officer and offers computer evidence
1996 until 2001 and currently still holds the role of
retrieval advice to officers.
President of the International Federation for
PROFESSOR MARTIN GILL: Information Processing (IFIP).
Director of Perpetuity Research and Consultancy CHRISTOPH FISCHER:
International and a Professor of Criminology at General Manager of BFK edv-consulting GmbH
the University of Leicester
Christoph Fischer is the general manager of BFK
Professor Martin Gill has published over 100 journal edv-consulting GmbH. He has more than 20 years of
and magazine articles and 11 books including experience in the IT Security area, specialising in
Commercial Robbery, CCTV, and Managing Security. He creating and testing security concepts. He is also a
is co-editor of the Security Journal and founding member of the following organisations: EICAR, FIRST,
editor of Risk Management: an International Journal. Cybercop Forum and EECTF. Christoph Fischer studied
Martin Gill is a Fellow of The Security Institute, a at the University of Karlsruhe (TH).
member of the Risk and Security Management Forum,
the Security Guild (and therefore a Freeman of the
City of London), the ASIS International Foundation
22
REFERENCES
SECTION ONE
1
Source: Robert Schifreen, author of Defeating the Hacker, derived from online research June-September 2006
2
In an interview with Tom Zeller Jr. of the New York Times:
http://www.nytimes.com/2006/07/04/us/04identity.html?pagewanted=3&ei=5088&en=18bc230a1ae1ba06&ex=1309665600&adxnnl=0&p
artner=rssnyt&emc=rss&adxnnlx=1162985316-o1mmMf67Bb0R8vQ8wCG6QQ
3
Source: Robert Schifreen, author of Defeating the Hacker, derived from online research June-September 2006
4
Source: Article on Stasi Recruits by Jamie Dettmer: http://findarticles.com/p/articles/mi_m1571/is_38_15/ai_56904965
(Accessed 17 July 2006)
5
In an interview with computer scientist Marcus Rogers of John Jay College, New York:
http://www.newscientisttech.com/article.ns?id=dn9619&feedId=online-news_rss20. (Accessed 28 July 2006)
6
In an interview with Valerie McNiven, advisor to the US government on cybercrime:
http://www.theregister.co.uk/2005/11/29/cybercrime/ (Accessed 4 June 2006)
SECTION TWO
1
Figures taken from the FBI website: http://www.fbi.gov/page2/june06/cimip062806.htm (Accessed 4 July 2006)
2
Figures from Secure Computing Research cited in: http://www.securecomputing.com/index.cfm?skey=1634 (Accessed October 2006)
3
Figures taken from an RSA Security report cited in: http://www.rsasecurity.com/press_release.asp?doc_id=6877&id=2682
(Accessed June 2006)
4
Figures taken from a Harvard University and the University of California study:
http://www.computerworld.com.au/index.php/index.php?id=217996450 (Accessed September 2006)
5
An extract of an article entitled “Les chiffres de la cybercriminalité en France” by Francois Paget, Senior Virus Research Engineer,
McAfee Avert Labs. September 2006.
SECTION FOUR
1
Taken from Gartner statistics reported in the media in October 2006: http://news.com.com/Smart-phone+sales+are+soaring/2100-
1041_3-6124049.html
2
In Stat prediction figures: http://www.instat.com/newmk.asp?ID=1566
23