Cyber criminals get organised

Symantec has reported an upsurge in organised data theft and the growth in underground economy servers selling ID numbers, credit cards, PIN numbers, user accounts and email address lists.

The most worrying aspect is that in you can buy US-based credit cards with a card verification numbers for less £1 and a new identity, comprising US bank account, credit card, date of birth and government issued identification number, for less than £10.

The trend was highlighted in the company's latest Internet Security Threat Report which said that there is an increase in data theft, data leakage and the creation of targeted, malicious code designed to steal confidential information that can be sold on.

Symantec set up a group of servers without any protective software which were soon taken over by online criminals. It then collected the information on the black market transactions taking place on those systems.

"You can become a brand new American" said Alfred Huger, vice-president of the Symantec Security Response. "It's frightening that it could be sold pre-packaged and ready to go like that. The hobby-horse hacker is a thing of the past. These guys work business hours. It's pretty organised, which is the scary part. Now we're seeing a well-oiled machine for stealing data."

In addition to data theft, Symantec noted that 45 per cent of the top 50 malicious code samples were Trojans, up 26 per cent on the first six months of 2006. There were 12 zero-day vulnerabilities during the second half of 2006, well above the one zero-day vulnerability documented in the first half of the year.

For the first time, Symantec identified the countries responsible for spreading the most malicious code. The US topped the poll 31 per cent, with China in second on 10 per cent and Germany in third with 7 per cent.

Like this story? Spread the news by clicking below:

 del.icio.us     Digg this     reddit!