"Your security will be breached; it is just a case of
when," David Thomas, deputy assistant director, FBI Cyberdivision,
told the recent BCS-sponsored World Wide Web Conference in
Edinburgh.
During a talk highlighting global criminal trends, Thomas said
cybercrime had become so endemic that head of the FBI Robert
Mueller regarded the Cyberdivision as next only to terrorism and
foreign intelligence operations in importance.
Financially motivated eastern European hacker groups are
increasingly active and network through magazines and online. This
helps the FBI to catch them.
The FBI can arrest people all over the world, although criminals
use various methods to avoid conviction, from using special key
fobs to wipe hard drives to physically melting the evidence in
woks, said Thomas.
Identity theft is becoming increasingly popular, with fake
credit cards selling for between £1 and £100 depending on the card
type and fraudster. Personal details are big business. US spammer
Jeremy Jaynes made £13m selling personal details before he was
caught. And the Mafia made £360m in seven years through e-crime,
said Thomas.
Criminals are using search engines to hack into secure files to
pull out credit card details or are producing their own algorithms
to generate "legitimate" credit cards.
China's increasingly technologically savvy population of 1.5
billion are seen as the next source of cyber-criminals.
Malicious code is becoming more complex and is no longer
confined to e-mail attachments. It is now possible to infect the
entire world within a matter of hours; hence, security patches are
becoming increasingly ineffective as these often take days to take
effect, said Thomas.
Trojans with features that allow calls and e-mail exchanges to
be monitored are also on the increase.
War driving is on the up, whereby wireless networks are mapped
for criminal gain or general mischief.
Ultimately it costs billions to combat cybercrime. As
individuals are the weakest link, improved education is vital, said
Thomas.
How to protect yourself
- Have a risk assessment programme
- Cyber intelligence training programmes to increase
awareness
- Defined defence technologies
- Vulnerability testing
- Penetration testing
- Proper systems administration
- Active content filtering
- A workable incident response plan
- Conduct forensics
Source: David Thomas, FBI Cyberdivision
Vote for your IT greats
Who have been the most influential people in IT in the past 40
years? The greatest organisations? The best hardware and software
technologies? As part of Computer Weekly’s 40th anniversary
celebrations, we are asking our readers who and what has really
made a difference?
Vote now at:
www.computerweekly.com/ITgreats