Organised criminals behind 90pc of internet security threats

5 Jul 2010

The majority of attacks on computer systems around the world today are motivated by financial gain, with 90pc of attacks being orchestrated by organised gangs.

This is according to a new report from security software vendor Symantec, which has just appointed Irish start-up Threatscape as its new partner.

Threatscape managing director Dermot Williams predicted a rise in these kind of breaches almost five years ago.

“Notoriety and bragging rights used to be behind the majority of activity. Now it’s cold hard cash – pure and simple,” said Williams.

Williams explained: “The ingenuity and deviousness of these guys can be astonishing – ranging from the myriad of bogus ‘donation websites’ that cropped up within hours of the Haitian earthquake to the way gangs trade details of new ways to compromise computer systems almost as a form of currency in the cyber underworld. Then there’s the recent growth in fake antivirus programs and even unsolicited phone calls from phony IT support lines offering to fix problems remotely – for a fee.”

The growth in well organised and targeted computer attacks for financial reward is a phenomenon that can affect companies regardless of size or of location, said Lorcan Kavanagh, Symantec’s country sales manager for Ireland.

“The very nature of how individuals and organisations make use of IT continues to evolve and it is important that they continually assess their systems to make sure they are well secured.”

According to the Symantec Intelligence Quarterly:

·         Eighty per cent of security breaches are targeted at stealing confidential data.

·        Credit card details are the most commonly advertised item on black market forums.

·        Attack toolkits and bank accounts follow these as the most popular black-market items for sale.

·        “Attack toolkits” debut at No 2 and allow novice attackers to launch sophisticated attacks.

·         Prices for credit card information ranged from US$0.33 to US$100.

·        The No 1 vector by which criminals and malware gets into a company continues to be email.

·        Some 285 million records were stolen in 2008, compared to 230 million between 2004 and 2007.

One of the fastest-growing areas of information security is DLP or ‘Data Loss Prevention’ – providing technologies that prevent valuable and confidential corporate data falling into the wrong hands, whether it is through the activities of malicious insiders or by accident, by potentially catastrophic incidents such as lost laptops or emails sent with unintended attachments – or to incorrect recipients.

Understanding where confidential data is located, how it is being used, and what steps must be taken to prevent its potential loss is vital.

Under the new partnership, Threatscape will be a strategic Symantec partner in Ireland for corporate IT security. Threatscape IT security consultants will deploy and support Symantec technology and solutions to provide enterprise-scale clients with a unique and compelling level of protection against digital threats.

“Analysing over 8 billion emails a day and monitoring activity at 240,000 different points and over 200 countries across the internet, Symantec have an unrivalled and real-time insight into developing IT security threats,” continued Williams. “This is why we have chosen to partner with them to help Irish organisations secure their business-critical IT systems.”

John Kennedy is a journalist who served as editor of Silicon Republic for 17 years