The Symantec STAR team, a global contingent of security engineers, threat analysts, and researchers, gathered the data for the report during the one-year period between July 2007 and June 2008. The STAR (Security Technology and Response) team is responsible for providing all of the context which underlies Symantec’s security offerings worldwide.
The data was gathered by surveying the servers that support the underground economy. The Star team determined that the value of all the goods and services offered in the underground Internet economy was approximately $276 million during the reporting period, based on the prices of offered items.
The variety of items on offer was astonishing, but there were some categories that stand out from the rest based on the quantities offered. The largest of these is credit card information, which accounted for over 30 percent of the total on-offer value. Based upon the credit limits of the cards for which information is available, the overall value of this card information was over $5 billion. There are so many numbers available that they are sold in bulk, with bonus information offered on large quantity purchases.
The second largest category is in a similar vein: stolen financial account information, primarily simple consumer bank account data. This information comprised about 20 percent of the underground goods available, and was worth approximately $1.7 billion over the year covered by the report. According to the report, it is possible for thieves to draw the cash out of one of these compromised accounts in as little as fifteen minutes.
It is astonishing that so much obviously illegal information is available so openly. How is it possible for these individuals and groups to operate so openly and still avoid detection and how can we stop them? Stephen Trilling, vice president of Symantec STAR, answers this way: “As evidenced by the report on the underground economy, today’s cybercriminals are thriving off of information they are gathering without permission from consumers and businesses. As these individuals and groups continue to devise new tools and techniques to defraud legitimate users around the globe, protection and mitigation against such attacks must become an international priority.”
thanx:http://tech.blorge.com/
No comments:
Post a Comment