
Opinion: Are We Winning the Battle Against E-Crime?

A recent survey of security and law enforcement executives shows that the fight against electronic crimes (e-crimes) continues to be an uphill battle.

Among the significant findings, respondents were asked which security issues took up the majority of their time. If the media is to be believed, one would expect the answers to include preventing phishing attempts, Denial of Service attacks and online extortion. Yet respondents indicated they spent more than twice as much time on "child exploitation" as any of those other threats. The top time-consumers were "fraud" and "identity theft."

(The term "identity theft" is a contentious one. It implies that one's identity is stolen such that it is no longer available to its owner. Although Hollywood and the media have made attempts to convince us this is plausible, the reality is it's virtually impossible to accomplish. Cybertrust prefers the term "identity fraud" when, for example, someone obtains the PIN number for your online banking and spends your money, or obtains the password for your PayPal account and abuses your privileges.)

The media take on the release of this year's survey suggested that fighting e-crime was getting better. However, at least 65 percent of respondents stated that the number of crimes experienced by their networks either didn't change or increased!

More than 50 percent of respondents indicated viruses, spyware and phishing attempts as the most common e-crimes committed against them. And thirteen percent of respondents indicated they had discovered zombies or bots on their networks. This is surprising because such systems generally require weak or non-existent firewalls in order to function, and these respondents seem security-savvy enough to appreciate the need for firewalls.

The top e-crime committed by organization insiders had to do with rogue wireless access points (WAPs). Presumably this refers to setting up a WAP without permission, or abusing the availability of a WAP. One has to wonder how many of these e-crimes were actually prosecuted, as opposed to reprimands being issued for not adhering to company policy.

The biggest motivator for not reporting e-crimes was that the "damage level [was] insufficient to warrant prosecution," while 6 percent reported that "prior negative response from law enforcement" prevented them from reporting. Law enforcement needs to ensure that number doesn't rise so the public continues to report e-crime.

Forty-three percent of respondents indicated their monetary losses remained the same or increased over 2004, and 53 percent believe they will stay the same or increase in 2005.

After "hackers" and "unknown," respondents indicated that "current employees" pose the greatest cyber security threat to their organizations.

Despite reports of abuse, respondents deemed firewalls and automated virus scanning as being 99 percent effective at detecting or countering misuse or abuse of systems or networks. Spyware and adware detection was rated as 94 percent effective, a surprisingly high value given the dire warnings the media continually deliver about how easy it is for new spyware and adware to be installed.

"Manual patch management" was cited as the least effective technology in fighting abuse. Interestingly, "automated patch management" was considered only slightly better than "physical security systems" and worse than "intrusion detection systems."

The survey, conducted by CSO magazine in cooperation with the U.S. Secret Service and the Carnegie Mellon University Software Engineering Institute's CERT(R) Coordination Center, is available at http://www.csoonline.com/info/ecrimesurvey05.html.

Russ Cooper is a Senior Information Security Analyst with Cybertrust, Inc., www.cybertrust.com. He's also founder and editor of NTBugtraq, www.ntbugtraq.com, one of the industry's most influential mailing lists dedicated to Microsoft security. One of the world's most-recognized security experts, he's often quoted by major media outlets on security issues.

Russ Cooper's Security Watch column appears every Monday in the Redmond magazine/ENT Security Watch e-mail newsletter.

About the Author

Russ Cooper is a senior information security analyst with Verizon Business, Inc. He's also founder and editor of NTBugtraq, www.ntbugtraq.com, one of the industry's most influential mailing lists dedicated to Microsoft security. One of the world's most-recognized security experts, he's often quoted by major media outlets on security issues.
