Huge increase in hackers and pornographers

[InfoSec News <isn () c4i org>]

http://www.business.scotsman.com/technology.cfm?id=1364472002

PETER WARREN 
Sun 8 Dec 2002

BRITISH police are making a special plea to business to report
computer crime after announcing a huge increase in the activities of
hackers and Eastern European criminals. Detectives are so concerned
they are even prepared to waive its mandatory obligation to prosecute
in return for more information.

Companies which have been victims of cyber crime have traditionally
been reluctant to talk to police because of the bad publicity a court
case could arouse.

The move, timed to coincide with this week's three day E-Crime
Congress, organised by the National High Tech Crime Unit, represents
an increasing recognition from the police of the damage computer crime
is wreaking on UK business. According to the DTI's Information
Security Breaches Survey 2002, computer hacking and virus attacks are
costing £10bn p.a. and 78% of large-cap companies have experienced
some kind of electronic attack in the past year. The average cost of a
security breach is £30,000.

The congress is intended to open a communication channel between the
police and UK businesses, which have largely dealt with the problem of
computer crime internally. According to experts, the new initiative by
the NHTCU, which was only formed 18 months ago, centres on the need to
encourage the financial services sector to report computer crime
without fear that it could lead to a collapse in consumer confidence.  
Banks and finance houses have often preferred to tackle the issue
internally. The complaint is that the business community has done
little to help. There is even evidence that some financial
institutions use head-hunting agencies to remove employees suspected
of computer misuse rather than get involved in embarrassing
disciplinary proceedings.

Last year, website Silicon.com, backed by the Computer Software
Association and the CBI, suggested the creation of an independent
crime reporting body, to be hosted by the International Chamber of
Commerce. But many organisations, including the former Defence
Research Agency and GCHQ, have tried and failed to get companies,
particularly in the City, to share details of computer crimes .

The depth of complacency is evident from a CBI survey last August,
which found that nearly 70% of respondents thought a cybercrime attack
would have negligible financial impact. Loss of trust was seen as a
bigger threat. Digby Jones, director-general of the CBI, believes
fears over potential losses and the damage to reputation that internet
crime can cause is stalling the growth of e-commerce.

The CBI's survey revealed that 45% of cyber crime was caused by
hackers, 13% by ex-employees, another 13% by organised criminals, and
11% by current employees. Credit card fraud represented only 4% of the
most serious incidents.

According to chief superintendent Michael Deats, deputy head of the
NHTCU, a sudden influx of criminals from the Eastern bloc, coupled
with local criminals turning to cyber crime, has underlined the
urgency of stepping up efforts. "There is a very real threat emerging
and, if we want to tackle it, we have to do it with the collaboration
and co-operation of business," said Deats. "We need an exchange of
intelligence on an intelligence-only basis."

The squad's success in exposing paedophiles operating on the internet,
which has resulted in high-profile prosecutions all over the world,
has inadvertently revealed the extent of criminal involvement in
e-crime.

"There appear to be close links between eastern European hackers
attacking western businesses and internet pornographers. Incredibly,
hackers used by one pay-per-view paedophile site took over the
computer system of a major UK company and used it to host the gang's
website.

"Eastern Europe is a significant threat, and we're seeing a
disproportionate amount of electronic attacks coming from there,"  
Deats said.


VIRUSES to watch out for:

ILOVEYOU has infected up to 45m computers, causing an estimated £7bn
worth of damage

Klez.H - Messagelabs has spotted 775,000 copies - that’s 2,700 every
day

Bugbear is spreading rapidly, particularly in the Asian Pacific.  
Anti-virus firm Messagelabs has intercepted 130, 000 infected e-mails
since it appeared in September

The Goner has so far hit 17 countries

Code Red infections has caused an estimated 2.6bn in damage



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.