Australians Major Victims of Identify Theft as Hackers Commercialise
Australians Major Victims of Identify Theft as Hackers Commercialise
September 18, 2007: Symantec have released the latest Internet Security Threat Report (ISTR), which shows hackers are shying away from fame and focusing on what can earn them a crust.
Traditionally, hackers and crackers have been concerned with unleashing harm on big named corporations and government institutions, for both ideological and fame based reasons. According to Symantec’s latest report, this is a thing of the past as an increasing number of malicious code propagators focus in on earning the big bucks.
“In the last several Internet Security Threat Reports, Symantec discussed a significant shift in attackers motivated from fame to fortune,” said Arthur Wong, senior vice president, Symantec Security Response and Managed Services.
The money comes from selling hacking toolkits to amateurs who aspire to cause harm to websites and networks. The toolkits have been exploding in popularity and causing a nuisance for security companies as it effectively increases the pool of opponents by providing easy to use software for malicious purposes. This has lead to 47% of all known attacks originating from amateurs using the three major hacking toolkits, a figure which looks set to rise even higher.
The ISTR is gathered from “40,000 sensors, 120 million desktop servers, 2,000 decoy accounts, 370 million email accounts across 3 security operations centres” said Paul Crighton, Director of Enterprise Sales at Symantec.
According to Crighton, a staggering 9% of all Australians have been victims of identify (ID) theft and a further 17% know someone who has. This is largely brought about by hackers compromising networks and accessing financial and personal information such as credit card details. Considering how detrimental ID loss can be on someone, this is a staggering figure as it is very close to 1 in 10 Australians becoming victims of ID theft.
Additional findings from the report:
- Credit cards were the most commonly advertised commodity on underground economy servers, making up 22 percent of all advertisements; bank accounts were in close second with 21 percent.
- Symantec documented 237 vulnerabilities in Web browser plug-ins. This is a significant increase over 74 in the second half of 2006, and 34 in the first half of 2006.
- Malicious code that attempted to steal account information for online games made up 5 percent of the top 50 malicious code samples by potential infection. Online gaming is becoming one of the most popular Internet activities and often features goods that can be purchased for real money, which provides a potential opportunity for attackers to benefit financially.
- Spam made up 61 percent of all monitored e-mail traffic, representing a slight increase over the last six months of 2006 when 59 percent of e-mail was classified as spam.
- Theft or loss of computer or other data-storage medium made up 46 percent of all data breaches that could lead to identity theft. Similarly, Symantec’s IT Risk Management Report found that 58 percent of enterprises expect a major data loss at least once every 5 years.