Future of Engineering
Explore the Future of Engineering Blog Better from Kuklu
Monday, April 14, 2008
Cybercrime - Evolution, Future Trends
What if you could just sneak $1 out of the wallet of 50,000 different people? They probably won’t notice. If they discover the $1 missing, they probably won’t care, or may even assume they just lost it or mis-counted.
Now, what if you could sneak $1 from 50,000 different people while sitting at your laptop in the local coffee shop? What if you never have to physically confront a single person, nor risk physical harm in any way? What if you could perpetrate a virtual crime, cyberpickpocketing? How about if your cyberpickpocketing could net $50,000 today? That definitely sounds like a more solid business plan than the “Pickpocketing Across America” approach cited above. That is the allure of cybercrime, says this interesting post
Got me thinking about cybercrime in general, not just micro-commerce cyber crime. How is cybercrime going to evolve in future? What will be its various dimensions? And what are we doing about it? I have provided the various interesting resources I found during my research for answers to the above questions.
This interesting post @ ThinkQuest ( http://library.thinkquest.org/04oct/00460/future.html ) was certainly thought-provoking. It discusses how the rate of malware penetration in wireless and PCs is increasing. It also notes how malware are becoming more intelligent by the day. It concludes that "Trends suggest that criminals will become more insidious. Large-scale and damaging acts such as Dos attacks will become less popular as they are easy to detect and thwart with better security systems. Instead, newer and more indirect methods of crime like phishing and Trojans will become much more popular".
In this report Predicting the future of cybercrime and security, Alan Paller of SANS Institute provides details on predictions by twenty respected leaders in cyber focusing on the top 10 security developments for 2007. They narrowed 40 probable computer security developments down to 10 that have the highest probability of happening and will, if they happen, have substantial impact on large numbers of people. The developments predicted are in the following domains: 1. Laptop encryption, 2. PDA smart phones, 3.Targeted cyber attacks, 4. Cell phone worms, 5. Voice over IP (VoIP) systems, 6. Spyware, 7. Security vulnerabilities, 8. Rootkits, 9. Legislation governing the protection of customer information and 10. Network access control (NAC). In summary, the report says that attacker sophistication seems to be ahead of defensive tools. But by making the attackers' job harder and harder and by increasing the length of gaol sentences for cybercrime and improving international police co-operation and skill levels, we can continue to keep up with the attackers and, over time, begin to turn the tide.
In this brief interview titled Protecting the future from cyber crime, Platypus Magazine spoke with Federal Agent Nigel Phair about his new book and the impact of high-tech crime as he sees it, and the challenges which lay ahead in controlling cyber crime. Some of the questions posed in the interview are: "What are the challenges which lie ahead in policing high tech crime?", "Can policing keep up with the evolution of cyber crime – or is this an unwinnable war?", "Does a cyber criminal fit a typical profile?", & "Who do you see as being the most vulnerable to high tech crime?". Interesting perspectives in the answers.
According to Dan Hubard, a cybercime expert, cybercrime is all about costs and benefits, and criminals are no different from legitimate businesses in this respect. "The old criminals are learning from the new ones how to launder stolen credit cards, and they are learning how little risk they face of being caught," he said. The old criminal gangs have a lot of money that they can plough into cybercrime, which is potentially much more profitable that traditional forms of crime and is less risky.
The U.S. military has hinted that it will expand its cyber crime to cyber warfare in the near future, according to this article. Lt. Gen. Robert J. Elder Jr., who heads the Air Force's cyber operations command told the press that the military was currently developing ways to launch virtual attacks on enemies. The general even reckoned that if cyber squaddies could use the Net to scramble an enemy's communications system, they might even be able to do away with heavy handed conventional weapons like bombs.
First it was SAAS and now it it is CAAS - Crimeware as a Service. Criminals invest in crimeware-as-a-service, says this interesting article from Computerworld UK. 'Crimeware as a service', where criminals use online cybercrime services instead of running their own servers and software, is the latest development in internet crime. Hmmm
The Internet Crime Complaint Center posted their latest statistics on cybercrime recently, based on nearly 207,000 complaints people filed in 2007. Since 2006 losses to cybercrime had jumped over 20%, although complaints fell slightly. Over a third of the complaints were about auction fraud, the center said, and a quarter were about non-delivery of goods. Credit/debit card fraud, check fraud, identity theft and Nigerian letter fraud were also represented.
"Years ago, we saw cybercrime as a speciality," says a Dutch expert. "Now we have added cybercrime in every form of police training, so we are raising the level of the entire Dutch police force. There's no crime anymore where there are no digital components built in."
I guess the last statement kind of sums it up. Cybercrime is not a specialty crime any longer. It is a part of most crimes happening today. Not the most pleasant of news!
Now, what if you could sneak $1 from 50,000 different people while sitting at your laptop in the local coffee shop? What if you never have to physically confront a single person, nor risk physical harm in any way? What if you could perpetrate a virtual crime, cyberpickpocketing? How about if your cyberpickpocketing could net $50,000 today? That definitely sounds like a more solid business plan than the “Pickpocketing Across America” approach cited above. That is the allure of cybercrime, says this interesting post
Got me thinking about cybercrime in general, not just micro-commerce cyber crime. How is cybercrime going to evolve in future? What will be its various dimensions? And what are we doing about it? I have provided the various interesting resources I found during my research for answers to the above questions.
This interesting post @ ThinkQuest ( http://library.thinkquest.org/04oct/00460/future.html ) was certainly thought-provoking. It discusses how the rate of malware penetration in wireless and PCs is increasing. It also notes how malware are becoming more intelligent by the day. It concludes that "Trends suggest that criminals will become more insidious. Large-scale and damaging acts such as Dos attacks will become less popular as they are easy to detect and thwart with better security systems. Instead, newer and more indirect methods of crime like phishing and Trojans will become much more popular".
In this report Predicting the future of cybercrime and security, Alan Paller of SANS Institute provides details on predictions by twenty respected leaders in cyber focusing on the top 10 security developments for 2007. They narrowed 40 probable computer security developments down to 10 that have the highest probability of happening and will, if they happen, have substantial impact on large numbers of people. The developments predicted are in the following domains: 1. Laptop encryption, 2. PDA smart phones, 3.Targeted cyber attacks, 4. Cell phone worms, 5. Voice over IP (VoIP) systems, 6. Spyware, 7. Security vulnerabilities, 8. Rootkits, 9. Legislation governing the protection of customer information and 10. Network access control (NAC). In summary, the report says that attacker sophistication seems to be ahead of defensive tools. But by making the attackers' job harder and harder and by increasing the length of gaol sentences for cybercrime and improving international police co-operation and skill levels, we can continue to keep up with the attackers and, over time, begin to turn the tide.
In this brief interview titled Protecting the future from cyber crime, Platypus Magazine spoke with Federal Agent Nigel Phair about his new book and the impact of high-tech crime as he sees it, and the challenges which lay ahead in controlling cyber crime. Some of the questions posed in the interview are: "What are the challenges which lie ahead in policing high tech crime?", "Can policing keep up with the evolution of cyber crime – or is this an unwinnable war?", "Does a cyber criminal fit a typical profile?", & "Who do you see as being the most vulnerable to high tech crime?". Interesting perspectives in the answers.
According to Dan Hubard, a cybercime expert, cybercrime is all about costs and benefits, and criminals are no different from legitimate businesses in this respect. "The old criminals are learning from the new ones how to launder stolen credit cards, and they are learning how little risk they face of being caught," he said. The old criminal gangs have a lot of money that they can plough into cybercrime, which is potentially much more profitable that traditional forms of crime and is less risky.
The U.S. military has hinted that it will expand its cyber crime to cyber warfare in the near future, according to this article. Lt. Gen. Robert J. Elder Jr., who heads the Air Force's cyber operations command told the press that the military was currently developing ways to launch virtual attacks on enemies. The general even reckoned that if cyber squaddies could use the Net to scramble an enemy's communications system, they might even be able to do away with heavy handed conventional weapons like bombs.
First it was SAAS and now it it is CAAS - Crimeware as a Service. Criminals invest in crimeware-as-a-service, says this interesting article from Computerworld UK. 'Crimeware as a service', where criminals use online cybercrime services instead of running their own servers and software, is the latest development in internet crime. Hmmm
The Internet Crime Complaint Center posted their latest statistics on cybercrime recently, based on nearly 207,000 complaints people filed in 2007. Since 2006 losses to cybercrime had jumped over 20%, although complaints fell slightly. Over a third of the complaints were about auction fraud, the center said, and a quarter were about non-delivery of goods. Credit/debit card fraud, check fraud, identity theft and Nigerian letter fraud were also represented.
"Years ago, we saw cybercrime as a speciality," says a Dutch expert. "Now we have added cybercrime in every form of police training, so we are raising the level of the entire Dutch police force. There's no crime anymore where there are no digital components built in."
I guess the last statement kind of sums it up. Cybercrime is not a specialty crime any longer. It is a part of most crimes happening today. Not the most pleasant of news!
Labels: Computer-Science, Safety, Society
PermaLink - Cybercrime - Evolution, Future Trends posted by Ecacofonix : 8:48 PM
