The Booming Cybercrime Economy
posted by Danielle Citron
As ars technica reports, the underground cybercrime economy is flourishing. A recent whitepaper released by security company Symantec documents the vast market involved in the sale and trading of stolen credit cards, bank account credentials, email accounts, software, and other data that can be exploited for profit. The report estimates that, for the period covering July 2007 to June 2008, the total value of advertised stolen goods added up to $276 million. The most advertised, requested, and expensive product was credit card information, probably because it is difficult for merchants to identify fraudulent transactions before an online sale is completed. Bank account data stood as the next most popular product, likely due to the fact that balances of accounts can be transferred online to untraceable locations within minutes. “Attack tools” are also prominent goods for sale–services that steal information through denial-of-service attacks, engage in spamming and phishing campaigns, and generate botnets. (Most of the stolen information is obtained and distributed through these services).
Protecting sensitive information from this underground market, however, is often difficult. Consumers and organizations can follow welll-known (but imperfect) strategies to protect themselves. They can use antivirus, firewall, and antiphishing software. Because computer users are themselves a large part of the problem, technology alone cannot reduce the theft of sensitive information. Individuals need to be educated about phishing, which lures people into giving up personal or corporate information. An estimated 3.6 million Americans fell victim to phishing last year, leading to losses of more than $3.2 billion. As computer scientist Lorrie Faith Cranor recently explained in Scientific American, the number of phishing victims can be reduced by constantly improving phishing detection software and updating computer users about new types of phishing attacks. At the end of the day, however, phishers and their criminal cohorts are constantly evolving their tactics to stay a step ahead of technologies that combat their efforts and improving their ability to evade law enforcement. Time, of course, will tell if this underground market grows even more robust in the months to come.
December 3, 2008 at 2:00 pm
Posted in: Criminal Law, Technology
Print This Post
Leave a Reply