[ISN] Thieves Winning Online War, Maybe Even in Your Computer

From: InfoSec News <alerts_at_private>
Date: Mon, 8 Dec 2008 00:11:49 -0600 (CST)
http://www.nytimes.com/2008/12/06/technology/internet/06security.html

By JOHN MARKOFF
The New York Times
December 5, 2008 

SAN FRANCISCO - Internet security is broken, and nobody seems to know 
quite how to fix it.

Despite the efforts of the computer security industry and a half-decade 
struggle by Microsoft to protect its Windows operating system, malicious 
software is spreading faster than ever. The so-called malware 
surreptitiously takes over a PC and then uses that computer to spread 
more malware to other machines exponentially. Computer scientists and 
security researchers acknowledge they cannot get ahead of the onslaught.

As more business and social life has moved onto the Web, criminals 
thriving on an underground economy of credit card thefts, bank fraud and 
other scams rob computer users of an estimated $100 billion a year, 
according to a conservative estimate by the Organization for Security 
and Cooperation in Europe. A Russian company that sells fake antivirus 
software that actually takes over a computer pays its illicit 
distributors as much as $5 million a year.

With vast resources from stolen credit card and other financial 
information, the cyberattackers are handily winning a technology arms 
race.

"Right now the bad guys are improving more quickly than the good guys," 
said Patrick Lincoln, director of the computer science laboratory at SRI 
International, a science and technology research group.

A well-financed computer underground has built an advantage by working 
in countries that have global Internet connections but authorities with 
little appetite for prosecuting offenders who are bringing in 
significant amounts of foreign currency. That was driven home in late 
October when RSA FraudAction Research Lab, a security consulting group 
based in Bedford, Mass., discovered a cache of half a million credit 
card numbers and bank account log-ins that had been stolen by a network 
of so-called zombie computers remotely controlled by an online gang.

[...]


_______________________________________________      
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html
Received on Sun Dec 07 2008 - 22:11:49 PST

This archive was generated by hypermail 2.2.0 : Sun Dec 07 2008 - 22:22:35 PST