The hidden economy of cyber crime

12 February 2012 - 02:01 By GREG GORDON

Computer security experts warn of spread of malicious software to mobile devices

Cyber criminals are using sophisticated techniques to steal data and peoples' identities, defraud mobile phone users and perform corporate espionage.

Cyber crime is nothing new but it is now an industry so established and lucrative that successful virus and malicious software (malware) writers, who have been raking in the cash for years and reinvesting it, are looking for exit strategies.

"We need better laws to deal with cyber crime," says Michael Moran, acting assistant director cyber security and crime at Interpol.

He sounds frustrated, and with good reason: over the last decade cyber crime has evolved into what analysts call a "parallel economy" worth billions.

And law enforcement authorities are virtually powerless to stop them.

At this week's Kaspersky Lab Cyber Conference in Mexico, computer security experts outlined the challenges that companies and individuals face in the wake of increased online criminal activity and its move into the mobile space. Devices using Google's mobile operating system Android are particularly at risk.

Cyber thieves will steal anything and everything they can lay their hands on once they have taken control of a computer - logins, passwords, contacts, banking details - everything. Criminals are significantly more technologically advanced than law enforcement agencies and the sheer number of viruses that are produced now indicates how fast the shadow industry is growing.

In 1994, one new virus was generated or written every hour. By 2006 it was one new virus every minute. Last year it was one computer virus every second.

Analyst John Pescatore, vice-president, internet security at researcher Gartner, says creation of malware is financially motivated and often targets strategic people within organisations, like chief financial officers and web administrators.

"These people will have Facebook or LinkedIn profiles or Twitter accounts and this is a way in to corporate networks for people with malicious intent," he says.

Online identity is a hot topic in combating cyber crime - Interpol's Moran says people are not anonymous in the real world when they withdraw money from a bank. Why should they be online?

"Increasingly they're not because of social networks. Why should you wear a mask on the internet?"

Eugene Kaspersky, the flamboyant CEO of his eponymous company, which recorded revenues of $612-million in 2011, says so-called ransomware is used to hijack and encrypt corporate data.

"Thieves extract payment in order to make it available again," he says.

"Or they steal money directly by intercepting data for identity theft, for example. Alternatively they monetise virus infections by harnessing people's and organisations' computer resources like memory, drives and processors to launch denial of service attacks that cripple networks they target."

He says state-sponsored targeted attacks do occur and that cyber warfare is an increasingly likely threat between nations.

What form those attacks could take is debatable, although militarisation of computer resources is growing and targets could be anything from systems that run prisons and airports to those that run utilities like power grids and water supplies. Life and death stuff.

A more immediate threat is the rise of mobile malware, targeting smartphones and tablets. Kaspersky's senior malware analyst, Denis Maslennikov, says there is an explosion of Android viruses and the number is growing exponentially.

"To put it in perspective, there are 15 known BlackBerry viruses and two we've found for Apple's iOS. There are more than 5000 for Android and these will grow in line with the availability of more Android devices.

"A smartphone is a computer," he says, "It's an obvious target for virus writers who have started off by creating trojans that automatically dial premium rate SMS services without the user knowing. Obviously that's discovered when the first bill arrives, but by that time the criminals have moved on."

Interpol will open its Global Crime Centre in Singapore in 2014 in an attempt to curb cyber crime. But police and even judicial authorities that do not have a firm grasp of the online crime environment will render that a white elephant. The internet is by its nature an ungovernable environment.

Corporate IT departments face other security issues in the mobile space - highly sensitive financial and competitive data is housed on smartphones and tablets.

An anecdotal statistic doing the rounds at the conference claims that between 5000 and 6000 laptop computers are left at London's Heathrow airport every day and only 25 to 30% are recovered. Even if that is partly true, it is terrifying.

Advanced, persistent threats is the mantra at the conference. It is going to get louder in 2012.