Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Identity prices hit all time low

Symantec : 14 April, 2009  (Technical Article)
Symantec's annual internet security report reveals that price wars amongst criminals brought price levels for illegal identities down to those of a can of cola
Identity prices hit all time low
Symantec has released its Annual Internet Security Threat Report (ISTR), which found underground criminals are now buying full personal identities for less than the cost of a can of cola. For the bargain price of 50 pence, criminals can gain access to credit card details, names, addresses and date of births.

Guy Bunker, Chief Scientist, at Symantec said, 'This recession proof 'Underground Economy' is reaching such a level of growth and maturity that there are signs of a price war developing, as online criminals find it increasingly easy to steal private details, and barter to sell them for bargain prices. As above ground the world economy spirals, the Underground Economy has never been healthier.'

The Symantec ISTR provides an annual overview and analysis of worldwide internet threat activity, a review of known vulnerabilities and highlights of malicious code activity. The report, the largest and most detailed of its kind covers over 200 countries, is derived from data collected by millions of Internet sensors, first-hand research, and active monitoring of hacker communications and provides a global view of the state of Internet security.

Credit card information remains the most valued item, with details selling for as little as 40 pence ranging up to Pounds Sterling 20 for the most desired credit cards. Bank account credentials were fetching as much as Pounds Sterling 675 whilst full identities can be bought for between 50 pence and Pounds Sterling 40.

The level of malicious activity now taking place online is starkly revealed in this year's ISTR, and further reinforces the point that the Underground Economy is thriving.

- 1.6 million individual malicious threats were discovered in 2008
- This number represents 60 percent of the 2.6 million malicious threats that Symantec has detected in last 27 years, and so marks a significant tide-mark in the battle for online security

Guy Bunker continued, 'The Symantec ISTR this year highlights the size of the problem we are now dealing with. The fact 60% of the malicious threats ever recorded by Symantec were undertaken in 2008 highlights the seriousness of this rising threat and the need for us all to be educated about how to best protect ourselves, both at home and at work.'

The report also noted that web-based attacks remain the primary vector for malicious activity; this was in part due to the increasing size and sophistication of the Internet, as well as its increased use for a variety of activities. Attackers are also concentrating on compromising end-users for financial gain more than ever before.

- Of all the vulnerabilities identified in 2008, 63 percent affected web applications, up from 59 percent in 2007
- In 2008, 78 percent of threats targeting confidential information exported user data, up from 74 percent in 2007
- Six of the top 10 countries where Web-based attacks were prominent were from the Europe and Middle East Asia (EMEA) region - these countries accounted for 45 percent of the worldwide total, more than any other region

Finally, according to the report, 2008 was also a massive year for the bot, whose presence in the online world is rising steadily. Symantec observed an average of 32,188 active bots per day in the EMEA region in 2008, a 47 percent increase from 2007, when 21,864 active bots were detected.

- Spain was the top ranked country in EMEA for bot infections in 2008, with 15 percent of the total
- Lisbon was the top city, accounting for 5 percent of all bot infections in the region
- In 2008, Symantec identified 5,147 distinct new bot command-and-control servers in EMEA, of which 40 percent were through irC channels and 60 percent on http
- Russia was the top country for bot command-and-control servers in EMEA, with 20 percent of the regional total

Guy Bunker summarised, 'The illegal world of Internet crime is no longer perpetuated by spotty teenagers, it is attracting intelligent adults, very often, in some of the world's developing countries such as Brazil and India. This booming Underground Economy really is bucking the global recession trend. With over 100,000 malicious codes born every working day, it's not just the technology and code that's getting clever... it's also the approach and the strategy behind each attack.'

Additional key findings

- Over the past year, Symantec observed a 192 percent increase in spam detected across the Internet as a whole. The increase went from 119.6 billion messages in 2007 to 349.6 billion in 2008
- The highest percentage of spam detected in EMEA in 2008 originated in Russia, which accounted for 13 percent of the regional total
- In 2008, Symantec detected 55,389 phishing website hosts, an increase of 66 percent over 2007, when Symantec detected 33,428 phishing hosts
- Poland hosted the highest percentage of phishing websites to which EMEA users were directed by phishing lures in 2008, with 18 percent of all known lures
- The most common top-level domain used in phishing lures detected in EMEA in 2008 was .com, which accounted for 25 percent of the total
- Emerging countries are seemingly developing their own booming underground economies as their internet infrastructures and broadband populations grow

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo