Petaling Jaya, Selangor Malaysia (PressExposure) April 25, 2011 -- Reports and analysis have proven that there has been a huge increase in cyber criminal activity, ranging from identity theft to security breaches, and the number will continue to increase if proper security measures are not taken.
What is important to note is that the losses have been quite substantial. More than 270 U.S. organizations quantified their financial losses for a total of $265 million. Analysts said the actual costs could be much higher. In the United Kingdom, the latest cybercrime cost estimates released by the Cabinet Office showed annual losses of more than $43 billion.
Bradley Anstis, VP of technical strategy at M86 Security, a global provider of Secure Web Gateway solutions, says the cyber crime industry generates over $100 billion per year and organisations can no longer accept cyber crime simply as a cost to business.
Computer media reported that, while a global recession lingers, cybercrime is one industry that has shown double-digit growth for several consecutive years. Cybercrime has become more profit-driven, and its "business model" has evolved, giving rise to new types of criminal activities and new twists on the old types.
According to Anstis, the most common way cyber criminals infect a PC is by hijacking a PC for their own purposes, such as a botnet sending spam. The other method to gain access to a PC is through Web access via a backdoor downloader, which exploits vulnerabilities in the system.
According to PandaLabs' recent malware report, the number of threats in circulation has risen in comparison to last year. In the first three months of 2011, PandaLabs identified an average of 73,000 new malware strains, most of which were Trojans. Moreover, there was a 26 percent increase of new threats compared to the same period last year.
Trojans remain the most popular type of threat to computer systems, and now account for 70 percent of all new malware. It can be incredibly lucrative for cybercriminals to commit fraud or steal money from Internet users through the online banking channel.
Analysts have also noted a shift from Windows-based computers to other operating systems and platforms, including smart phones, tablet computers and mobile platforms in general. The increasing popularity of smart phones and tablets means more and more people are carrying miniature computers with them everywhere they go and using them for more of their daily tasks, including financial transactions.
An information intelligence solutions company, Detica, which collaborated on the British government report with the Office of Cyber Security and Information Assurance in the Cabinet Office, reported that the real impact of cybercrime was likely to be much greater than that estimated. The report said most of the cybercrime costs were being shouldered by business.
Meanwhile, according to Anstis, "Since 2007, the security market has grown 41%, and this is compared to cyber crime that has conservatively grown 376%. Ideally, security researchers are able to plug gaps before they are used for attacks, but this does not always happen; look at the problem with zero-day vulnerabilities. Security researchers have to use every tool in their arsenal against cyber criminals," said Anstis.
More awareness of security issues and incidents only adds to the demands on organizations to secure their information security environment. These report findings clearly indicate that data breaches are very common these days. One way to mitigate information security risks is with technical security training. EC-Council's brand new TakeDownCon is a technical information security conference series. In addition to learning from some of the best security experts, TakeDownCon also offers highly sought-after technical training courses, including the Certified Ethical Hacker (CEH) course, often touted as the world's most comprehensive ethical hacking training program.
The CEH Program certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective. The Certified Ethical Hacker certification will fortify the application knowledge of security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in target systems and uses the same knowledge and tools as a malicious hacker.