The Troubled Economy Fuels Cyber Crime

According to the Internet Crime Complaint Center (IC3), cyber crime was up in 2008, and if the first few months of 2009 is anything to go by, this trend is not only continuing, it is accelerating. And early indicators for 2009-February to March 2009-shows an additional 50% increase in reported Internet fraud complaints.

by / May 26, 2009 0

According to the Internet Crime Complaint Center (IC3), cyber crime was up in 2008, and if the first few months of 2009 is anything to go by, this trend is not only continuing, it is accelerating.

As the country slides into recession, early indicators for 2009-February to March 2009-shows an additional 50% increase in reported Internet fraud complaints.

"These numbers are shocking, but given that the vast majority of incidents go unreported, the threat of identification theft is actually much more serious than even these figures would lead us to believe," says Justin Yurek, President of ID Watchdog, Inc. Common wisdom says that only one cyber crime in seven-or about fifteen percent-is actually reported.

Internet fraud includes everything from bogus sales on auction sites such as eBay and classified sites like craigslist.com, to smaller scale version of the Ponzi scheme perpetrated by disgraced New York financier Bernard Madoff.

As an example, a scam recently surfaced via e-mails that masquerade as originating from the FBI and other federal agencies seeking the recipient's bank account information in order to "help with illegal wire transfer investigations." Sweet.

The Recession Impact

Many observers put the continued surge in cyber crime down to the recession, and for several reasons.

As reported by the TechArena Forum , McAfee for one, in their annual McAfee Virtual Criminology Report-which examines emerging global cyber security trends, with input from leading academics, criminal lawyers, law enforcement authorities and security experts across the world-identified the following challenges:

The Cyber Credit Crunch - The cyber criminal is now trying to cash in on consumer anxiety to profit from old-fashioned "get rich quick" scams.

Meaning, that there are now people who voluntarily sign up to add malicious code to their websites, lured by the promise of easy money. At the same time, desperate job seekers are being recruited as "money mules" to launder cybercriminal gains under the guise of "international sales representatives" or "shipping managers."

In addition, with the economic downturn driving more people to the web to seek the best deals, opportunities for cybercriminals to attack are on the rise as people are more easily drawn in.

Governments are distracted - As governments grow more and more preoccupied with the economic downturn, their fight against cyber crime slides down their agenda, inviting more and more audacious individuals onto the cyber crime field.

The Cybercop Shortage - It is a known fact that police forces on the cyber crime front line often lack the specialist skills required to effectively fight these criminals.

Furthermore, the lack of dedicated and ongoing training, sufficient remuneration, or even a clear career path, is causing cyber crime specialists to be lured into the more lucrative private sector or even into underground economies.

Criminality Concealed - Eastern Europe, Russia and China have become key safe havens for cybercriminals while Brazil has become one of the fastest growing scapegoat countries for cybercrime. Traffic is often re-routed (and often via Brazil) as a decoy causing considerable misdirection in the origin of attacks.

Information Silo - While law enforcement is bound to physical national boundaries, cybercriminals are free to cooperate across borders.

Law enforcement communication between countries remains inconsistent and limited. Local issues and priorities take precedence over global efforts and international laws are being implemented with regional variations that impede the ability to negotiate jurisdiction and extradition between countries.

This is an environment that plays right into the hands of the cyber criminal, much to the frustration of cyber police.

Microsoft's Take

As reported by

RedOrbit Microsoft shares McAfee's view that the global recession could prove to be a starting point for an influx of more cyber criminals seeking to use their computer skills to earn extra money.

"Today these (cyber) attacks are no longer about vandalism, they are about cash," says Roger Halbheer, Microsoft's chief security advisor for Europe, the Middle East and Africa.

"Cyber crime has gone from cool to cash. And this will definitely grow in the future," he told AFP (Agence France-Presse) during a recent international conference on terrorism and cyber security in Spain. "At the moment we are still at the cool side. But I'm expecting it to move to the cash side."

He then went on to add that it is, "one of the things that scare me about the economic downturn because I expect cyber crime to grow."

Also, the current economic crisis is causing a large number of layoffs, many of them from tech firms, meaning that more and more computer experts will have a lot of time on their hands, but no money. Tempting.

Fixing any and all security issues in software, does not solve the problem for, "Unfortunately the bad guys don't give up and go away. Instead they increasingly focus on crimes of deception that prey on human vulnerabilities rather than software vulnerabilities."

A Law Enforcement Perspective

Lt. Rocky Costa, who until recently headed up the Southern California High Technology Task Force agrees. "In fact, law enforcement has always seen a rise in all sorts of theft crimes when the economy goes south. The crooks look to fraud as the best way to separate folks from their money. People are most vulnerable when money is tight and they are looking to save their homes, savings, retirements, and often, their families.

"They become easy prey to the con-artist who has no sense of right and wrong, but knows how to capitalize on human weaknesses. You see the con artist makes a living studying people and their behaviors. They know their success rate will increase as the economy tumbles and/or the recession climbs. Since a vast number of folks use technology daily, it is only natural to expect technology to be another weakness and another method for exploitation.

"Historically, the number of street robberies goes up, along with shoplifting, and burglaries as the money becomes scarcer. Although we have not yet seen these increases at the lab, we fully expect them. However, with the current economy, even government must begin to cut back. When they do, technology based crimes slide down the priority list in favor of these more visible types of theft.

"People need to stay vigilant in the face is despair, holding onto their values and good judgment will be the only way they will be able to fully protect what they have left, until we all see around the corner."

A Call to Action

During the opening keynote at RSA Conference 2009 Art Coviello, President of RSA, The Security Division of EMC, cautioned that the global cyber-threat continues to escalate and online fraudsters are more organized, collaborative and effective than ever. He addressed major forces such as the economy and emerging technologies that are driving the information security industry to evolve and adapt-and how these forces provide an opportunity for "inventive collaboration" to effectively restructure the information infrastructure.

"To combat the cybercriminals requires far more purposeful collaboration on the part of the industry and a strong security ecosystem built around a common development process focused on risk," said Coviello. "Today's security technologies are applied as independent applications cluttering the information landscape and leaving perilous gaps of risk."

Coviello cited three major forces driving the information security industry

to evolve and adapt, including:

o the challenge posed by the criminal threat;
o the demand upon enterprises and governments to achieve unprecedented levels of productivity to restore value to the faltering economy; and
o the opportunity to rethink the approach to security based upon emerging technologies and trends such as virtualization, cloud computing and social networking.

According to Coviello, "We must embrace a common development process that allows us to create a more secure infrastructure today. Then with an eye on the future we can ensure that the new technical infrastructure is designed around that process, rather than forcing a process around a collection of technologies.

"We must develop a stronger and healthier ecosystem than the fraudsters and ensure the fluid and frictionless exchange of information on which our global economy depends. It's not about changing the game; it's about winning the game," said Coviello.

 

 

Ulf Wolf, based in Coeur d'Alene, Idaho, writes about Cyber Crime and the Digital Citizen for Digital Communities. Photo by Cory Doctorow. CC Attribution-Share Alike 2.0 Generic