A recent report by The John Grieve Centre for Policing and Security at London Metropolitan University, contributes 80% of all cybercrime to your run-of-the-mill crook. Going against the Hollywood movie grain, cybercrime is more likely to be perpetrated by the older generation than the basement dwelling loners portrayed on the silver screen. Nearly half of cyber-crooks (43%) are over 35 years old, and less than a third are under 25. (29%)
So has the lined blurred between the Blackhats, Hacktivists and Script Kiddies? The motives of anyone involved in cybercrime will always be defined, but we can arguably say the line between them has got thinner. With the Hacking tools available on the web, Backtrack being one of many, the need for coding or scripting has been substantially reduced. This means that those with a mere penchant for mischief will now be able to do considerably more damage, for arguably less effort. Virus writing software is freely available and easily allows people to build malware, spyware and Trojans which can exploit application vulnerabilities or create an army of botnets around the globe with which to launch these attacks. With the increase in the technology available it means a decrease in the skills needed to commit cybercrime, meaning the people hacking into your SQL database could easily be the local street gang rather than some organised Russian syndicate. Cybercrime isn’t just limited to online scams, dodgy pharmaceuticals or ID theft anymore, the range of damage caused by these attacks, together with the methods involved have shown in the recent media that much more is at stake, and that burying your head in the sand and taking the “It won’t happen to me” attitude is a seriously dangerous one to take.
So how can we combat the evolving nature of cybercrime? As the technology available in the hacking circles increases, the methods needed to protect against have to keep pace. Those that perpetrate these nefarious activities have an extensive network either by association or through other mediums and keeping up to speed with these ever changing attacks is becoming increasingly difficult. The moment security vendors put something in place to stop a possible attack the crooks will find a way to circumvent it. Vulnerabilities are being found on a daily basis in a variety of applications, and with the explosion of social networking and other communication methods, these are often known to attackers well in advance of any potential patches being released into the wild. It is essential that IT administrators do not rest on their laurels but keep up to date with the latest technology, methods and advancements if they are going to ensure protection of their network infrastructure.