Hacking Conviction and Cybercrime
The conviction of Owen Thor Walker, 18, in New Zealand yesterday shows how far cybercrime has evolved. Not even legally an adult at the time, Walker became a bot herder with 1.3 million bots at his disposal. What do you do with those kinds of resources? You sell them and your skills on the cybercrime market.
This is not an isolated incident. As the latest McAfee Virtual Criminology Report (available here) (McAfee is sponsor of the Messaging and Web Security community) notes:
Computer skills are no longer necessary to execute cybercrime. Botnets have become tools which can be bought, sold and stockpiled like guns or drugs; they can even be traded or leased. This enables perpetrators with fewer technical skills to commit crimes. On the flipside, malware writers do not even need to commit the crimes themselves to make finnancially viable; they can simply sell the tools to do so. People can subscribe to tools that keep them up to date with the latest vulnerabilities, for example MPACK or Pinch which includes a support service to ensure it uses the latest vulnerabilities and even tests itself against security solutions to validate effectiveness.
And there is little disincentive to engage in cybercrime. Sharon Lemon, from the United Kingdom's Serious Organized Crime Agency, is quoted in the same report as saying:
"I don't think cybercriminals have any real fear of law enforcement yet. Right now the only cybercriminals who are really afraid are the pedophiles, because there's been a huge amount of effort put in there over the last few years, and now they know they can't just put their credit card details online and not be caught. Our job is to create a similar climate of fear for other types of cybercrime."
That is no small task.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
