The Internet is scarier than ever, say top computer-security firms
Most Internet users do delete suspicious emails, guard their personal data and use anti-virus software, but it's not enough sometimes.
Fri, Sep 07, 2012 at 10:38 AM
Two new reports issued this week by America's top computer-security firms address the current state of cybercrime. If the reports are to be believed, the virtual world is a pretty scary place.
Symantec's 2012 Norton Cybercrime Report and McAfee's second-quarter Threats Report both say that cybercrime is enjoying exponential growth at rates neither company has seen before.
Such gloomy reports may put the Windows 8's onboard anti-virus software to the test. Although Microsoft's Windows Defender won't be officially released until late October, Symantec has already shot it down, telling ComputerWorld that it "doesn't move the needle much" when it comes to protecting customers online.
Symantec told SecurityNewsDaily's sister site TopTenReviews that viruses built for older versions of Windows will feel right at home in Windows 8. Windows Defender isn't much more than a stopgap meant to protect customers who never would have installed anti-virus protection in the first place, the security firm said. [Will Windows 8's Security Features Kill the Anti-Virus Industry?]
Dire state of security
Symantec's 2012 Norton Cybercrime Report stated that the world spent a estimated $110 billion to combat cybercrime over the past 12 months. That's an average of nearly $200 per victim, or as the report put it, "more than a week's worth of nutritious food necessities for a family of four" in the United States.
(Last year's Norton Cybercrime Report estimated that cybercrime cost $388 billion worldwide, "more than the global black market in marijuana, cocaine and heroin combined." Symantec was criticized for its methodology in compiling the 2011 report. The 2012 report does not refer to last year's numbers.)
Rapid changes in the ways Internet users go online, plus advances in cybercrime techniques, are part of the reason for the big numbers, Symantec says. The report found that one in five users had their mobile devices or social network profiles compromised in some fashion.
Fifteen percent of Symantec's respondents reported that their social network profiles had been used to impersonate them. Another 10 percent said they'd been the victim of a scam or had clicked on a malicious link delivered to them via a social platform.
At the same time, 31 percent of mobile users said they'd been asked to click on an embedded link that came from a number they did not know. Seventy-five percent of respondents said they are aware that criminals target social networks. Of those, 44 percent said they use a product or service to help combat social network fraud or theft.
Still, there was some good news. Symantec found that most Internet users use common sense and take basic precautions to protect themselves by deleting suspicious emails, closely guarding their personal information and using anti-virus software.
Eighty-nine percent of respondents said they ignore or delete suspect clutter in their inboxes, while 78 percent don't open any unsolicited attachments. Eighty-three percent reported using basic anti-virus protection.
On the flipside, though, the report found that 40 percent of the Internet population does not use complex enough passwords.
Big Red's two cents
The McAfee Threats Report also cited cause for concern for users who go online using mobile devices. Security threats for smartphones and tablets have, according to McAfee, grown exponentially since last year — especially on devices that run Android OS. Attackers are using text messages, mobile botnets, spyware and destructive Trojans against mobile devices.
Especially troubling, says McAfee, is the sheer amount of mobile malware out there and the rate at which it's being produced.
In just a year, McAfee's database of mobile malware samples grew more than 600 percent. In 2011, there were fewer than 2,000 mobile malware samples in its database. This year, there are already more than 13,000.
While Symantec's report focuses on victims and the monetary impact of cybercrime, McAfee's report examines the sheer number of viruses and other pieces of malware and the manner in which they evolve.
McAfee claims that the second quarter of 2012 brought with it the "largest malware rise in four years."
The security company claims that nearly all mobile malware that came out in the second quarter was directed at devices that run the Android OS.
What really caught McAfee's attention thus far in 2012 was "the emergence of mobile (Android) 'drive-by downloads' as a new attack vector, the use of Twitter for control of mobile botnets and the appearance of mobile 'ransomware' as the newest way of extracting funds from unsuspecting victims."
McAfee points to ransomware and botnets as "the latest cybercrime fads." Ransomware, McAfee said, "hold parts or all of a victim's computer or data hostage. The malware encrypts data or the entire computer and then ... demands money to restore it."
Although this method of extortion isn't new — it's been in use since at least 1989 — it's making a resurgence in a much more complex and savvy way than was possible two decades ago.
McAfee also said that botnet infections are at a 12-month high. These networks of "zombie" computers are used, unbeknownst to their owners, in tandem with other machines to send spam, infect other computers and engage in other online mischief. Now, McAfee says, botnet "herders" are controlling them through new platforms, including Twitter.
"Instead of connecting to a Web server, the malware searches for commands from specific attacker-controlled Twitter accounts. The attacker can tweet commands and all infected devices will follow them," McAfee said.
Twitter, the report added, provides an alternative to buying or stealing server time and affords the attacker an additional amount of anonymity.
Be wary of crying wolf
There's no doubt that the Internet is a place where you have to watch your back. One stolen password or successful phishing scam can have victims reeling for months. Canceling credit cards, calling credit agencies, recovering stolen funds, emails and corrupted files are all a part of the nightmare that begins when someone falls prey to an attack online.
Symantec, McAfee and most other makers of anti-virus software are for-profit companies, so it might be wise to take their cybercrime reports with a grain of salt.
In an op-ed earlier this year in The New York Times, technology researchers Dinei Florencio and Cormac Herley pointed out that "most cybercrime estimates are based on surveys of consumers and companies" in which the sample self-reports, meaning the gathered data is not scientifically valid.
"There is an enormous difference between preference questions (which are used in election polls) and numerical questions (as in cybercrime surveys)," Florencio and Herley said. "In numeric surveys, errors are almost always upward ... Respondent errors — or outright lies — cannot be canceled out. Even worse, errors get amplified when researchers scale between the survey group and the overall population."
To arrive at its 2012 numbers — 18 cybercrime victims every second, 1.5 million every day, 556 million all year — Symantec says it took the survey results of 13,000 self-reporting respondents in 24 countries who'd said they'd experienced cybercrime.
It then multiplied the percentage of positive responses by the CIA World Factbook's estimates of how many adults in each surveyed country use the Internet. (There's no indication of how the CIA World Factbook arrived at its own numbers, or whether they're considered scientifically valid.)
For the purposes of Symantec's survey, anybody who'd clicked on a malicious link or taken a dodgy Facebook survey was considered to be a victim of cybercrime. There is no indication of how survey respondents were selected, or how responses were gathered.
Symantec and McAfee's research and products are invaluable when it comes to curbing online fraud, theft and computer infection. When it comes to browsing safely, there is no substitute for great anti-virus software with a robust library of known viruses.
Related on SecurityNewsDaily: