Slashdot Log In
Cybercrime — an Epidemic?
Posted by
Zonk
on Fri Nov 10, 2006 01:24 PM
from the catch-it dept.
from the catch-it dept.
ChelleChelle writes "'Cybercrime is pervasive, nondiscriminatory, and dramatically on the increase.' So states TEAM CYMRU, an altruistic group of researchers focused on making the Internet more secure. This article is a look into the root causes of Cybercrime, its participants, and their motivations, as well as suggestions on what we can do to stop this epidemic." From the article: "Many victims do not seem to draw the correlation between their losses and cybercrime; worse, they often view it as a crime that is impossible to investigate and prosecute. For cybercrime to be acknowledged as an important issue, the victims must report such incidents to a receptive law enforcement community with a well-informed judiciary. Attempts such as the president's National Strategy to Secure Cyberspace represent a significant first step in the right direction. To have the desired impact, however, the detailed provisions delineated as action/recommendations must be implemented."
Related Stories
[+]
Social Networking Site Safety Questioned 73 comments
An anonymous reader writes to mention a TechNewsWorld article about social networking sites. Researchers are finding these places are goldmines for social engineering exercises. Between worm attacks and simple human observation, sites like MySpace are the perfect place to obtain saleable personal information. From the article: "The danger is real, according to a study conducted by CA and the National Cyber Security Alliance (NCSA). In October, the alliance issued its first social networking study examining the link between specific online behaviors and the potential for becoming a victim of cybercrime. Despite all the publicity about sexual predators on sites like MySpace and FaceBook, the alliance took a different approach by measuring the potential for threats such as fraud, identity theft, computer spyware and viruses. Although 57 percent of people who use social networking sites admit to worrying about becoming a victim of cybercrime, they are still divulging information that may put them at risk, as Boyd suggested. Social networkers are also downloading unknown files from other people's profiles, and responding to unsolicited instant messages that could contain worms, the NCSA reported."
This discussion has been archived.
No new comments can be posted.
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
My daddy always told me... (Score:5, Insightful)
Simple as that, the internet has easy money and easy access. Coupled with the ability to steal from long distance and dramatically lowered possibility of getting caught...
It's a no brainer, of course the level of cybercrime is increasing.
Not just the victims, the police too. (Score:5, Interesting)
Until law enforcement steps up to the plate and carries over on their job, people are going to continue to feel this way. Even once I had tracked the perpetrator down I had to personally go into the local prosecuting attorney's office to re-explain the case because they didn't get it either.
People have a reason to feel like they are unprotected on the internet.
It's because for a greater portion of incidents, they are.
Then there is the FBI's fraud division they setup online - which seems to be there for the sole purpose of reducing phone calls they have to take, while yet ignoring the reports unless they are very large cases - something I have seen discussed here on slashdot more than once.
I'm sure there are people with victorious memories over online criminals, but those are surely trumped by the sheer volume of cases where the victim reports the crime and the responsible law enforcement authorities do absolutely nothing if for no other reason than they simply do not know how.
Re: (Score:2)
Re: (Score:2)
People have a reason to feel like they are unprotected on the internet.
It's because for a greater portion of incidents, they are.
To a certain extent, that's true for any kind of crime. Police do only the minimum amount of detective work to qualify for the term "investigation". They are inundated with things to investigate. If you want police to work for you, you have to dig for yourself, get all the evidence together, document, photograph, and substantiate everything, and hand over a case pre-cut and ready
Cybercriminals do discriminate! (Score:5, Funny)
Myth? (Score:2)
P.s. Please limit your responses to things that are not "In Soviet russia, Virii write you!", etc.
It's really called "Team Cymru"? (Score:3, Funny)
Does the team also consist of... (Score:2)
Start with the 'petty-crimes' (Score:3, Insightful)
And I mean, web-forms vandalism. From spammers to Wikipedia vandals. The reaction is always "clean up and forget". Or, when a particular page is too frequent a target — protect it to registered users only.
Not enough, IMO. The vandals should by sought out and prosecuted — {RI|MP}AA style — making a few high-profile prosecutions against (semi-)randomly picked abusers to "drive it home" to others, that one's being far away does not make them immune.
Re: (Score:3, Insightful)
Of course, the US government had a great opportunity to make spam a crime, but the opt-out nature of the legislation meant it was bit of a damp squib.
I notice... (Score:2)
By The Way #1: They seem to have found some atypically literate hax0rs. I see commas, apostrophes (used correctly!!!), mostly correct spelling.
By The Way #2: I'm looking forward to all the hello_world.pl'ists ranting about how the ACM doesn't know what "hacker" properly means.
And their motto is: (Score:3, Informative)
Altruistic? (Score:3, Insightful)
Just that statement is more than enough to a) scare the crap out of me and b) doubt their "research".
Re: (Score:2)
You just have to report it! (Score:2, Informative)
Re: (Score:3, Interesting)
If they are no bodies the cops don't care unless maybe you are a multichain store. The cops get no revenue from a lot of legwork, good luck. If there aren't drug profits or ticket revenue i wouldn't hold my breath.....
An employee stole thousands in merchandise that was found in his garage and nothing happened. I have yet to have something bad happen to me or work (or the office or apt next door) that was actually solved except the one WE knew the a
Apparent lack of actions from Feds disappointing (Score:5, Interesting)
1) Stock pump scams. When one starts making the rounds (Cana Petrolium today judging by my mail), find out who made purchases of the stock in the previous week. Freeze their accounts until the individuals responsible can be dragged into an FBI office. If the FBI/SEC can't locate the individuals then it just means that the laws regulating the stock trade are jokes.
2) Phishing. Set up fake accounts with the banks being phished and submit them to the phishing sites. I'm sure the banks will be more than happy to help. As soon as anybody tries to transfer money in our out of the account, freeze the account on the other end.
3) Drug / Software scams. Same as #2. Set up fake accounts with Visa and MC. Submit them to the sites trying to 'sell' the stuff and wait for the account numbers to get re-used somewhere else (you didn't think any of these sites were doing anything other than harvesting CC numbers did you?). Follow the money.
If the Feds can't do these things, then I think it indicates that we may be at risk of a fairly catastrophic economic collapse. After all, if I can buy and sell stock illegally, take money out of bank accounts fraudulently and buy stuff with credit cards without authorization, and do it all anonymously, it's safe to say the criminals are going to win. If Bush would just declare these crooks to be 'cyberterrorists' and start subjecting them to extraordinary renditions and gitmo treatment, I bet his popularity would surge. And he would be doing something good for the country with his remaining two lame duck years.
Crime increases rampant as new laws are made up (Score:4, Informative)
Take the internet, and take file-sharing and then just add the two together and
outlaw file sharing, you get an instant couple of million of additional criminals.
Nothing to see here, move along citizens. There's a whole "Enforcement Community" to be
built here on the net, much like the "War on Drugs" racket that criminalizes millions
of Americans already and is the cause for more than 70% of all incarceration in this country.
for stupidreason in Drugs War Terror; do
echo "War on $stupidreason & profit"
done
But hey it's for the children and in order to keep them safe we have a billion dollar
Corrections Industry (Corrections USA Inc. comes to mind)
Three Letter Agencies that lap up your tax dollars
Special Police Squads
Drug Testing Laboratories (to test you at the workplace)
but that's so 20th century, now with "Cybercrime" we get
even more people in prison
even more Three Letter Agencies
even more Police Squads
even more Wiretapping and spying on your home computer
even more searches of your property at the airport (they already started copying harddrives at the AP).
If you're not dumb I think you get the picture: another artificial reason to criminalize, prosecute and
incarcerate in the making and bread and butter for thousands more of bureaucrats.
the way i see it ... (Score:5, Insightful)
- defacing webpages?
- password sniffing?
- phishing?
From my perspective, and my opinion may not always be correct -- the flood of 'cybercrime' by 'criminals' is a step in the right direction. They are forcing everyone to rethink our security models, and our plaintext connections. Far too often we neglect and abuse the passing of cleartext information
for far too long, we have been using these insecure protocols -- its time to step up and improve our security. How hard is it to use TLS, SASL and SSL? how about setting up our webservers to have a plain text portion, and a security based portion, using SSL? When will we finally learn to look at the URL when we are providing banking information to some seemingly safe site?
I'll tell you, we will finally have learned, once people have been driven to the point where insecure is no longer acceptable as status quo. Just like Video Card manufacturers that sell their products with 'hdcp compliant' all over the packaging -- so will ISP's, banks, and whomever, about SSL TLS, and secured authentication, etc, on the internet.
Crime is crime-defend yourself. (Score:3, Interesting)
Ignorance toward preventative measures usually results in victimization or a greater likelihood of it. There is no epidemic here. Crime will occur on every medium available-one must simply defend themselves from it. Given, a criminal can be smart enough (or determined enough) to commit an illegal act and this is bound to happen. That is why we have executive and judicial branches of the government-to apprehend and serve justice to those who succeed in breaking the law.
The internet is in its nascent form (and I dare say almost anarchistic), but it is no less a system effected by (human?-)entropy.
Re:how do you know when it's cybercrime? (Score:5, Informative)
You posted your number with the premise that you're selling a car. They're just trying to sell you a service based on that information. Now, if you would have put a disclaimer (like on Craigslist) saying something like "bona fide buyers only. No commercial services or solicitation," you might have been (in theory) entitled to recover civil damages.
-b.
Parent
Re:how do you know when it's cybercrime? (Score:5, Informative)
By the way, this is why you never post your cell number online. Set up a temp email address instead, or ask interested buyers to post their number, not yours.
Parent
Re: (Score:2)
Yep. That's autotrader. See this thread from rec.autos.misc [google.com] and this from ripoffreport.com [ripoffreport.com]
Re: (Score:2)
I got one of those last week. I don't publish my cellphone to ANYBODY, other than my family and a few friends. Most of my friends don't even have my cell. I can only think that it is Cingular itself that has given up my number to others.
And actually, I get no unwanted calls on my home line either, since it's a VOIP number given to me by Speakeasy.
Re: (Score:3, Interesting)