Cyber criminal activity on the rise in Turkey, data show
ISTANBUL - Hürriyet Daily News | 5/26/2010 12:00:00 AM | XI CHEN
More than 2 million computers were hacked and 476 million spam e-mails were sent in Turkey between June 2009 and May 2010.
According to the latest data by Trend Micro, a leading Internet security company, more than 2 million computers were hacked and 476 million spam e-mails were sent in Turkey between June 2009 and May 2010.
With Internet an increasingly integral part of daily life, criminals are finding new playgrounds in cyberspace.
In 2004 there were 680 million Internet users and 3 million malwares globally. Six years later, the number of Internet users increased to around 1.7 billion, but malwares jumped 10-fold to 30 million.
Malware, short for malicious software, is designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive or annoying software or program code. The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses.
“The easiest way to get through traditional Internet security measures is by having a high volume of malware,” said Rik Ferguson, senior security adviser from Trend Micro, dissecting how cyber criminals operate.
He said there is a booming underground economy where “everything is for sale” in cyberspace. Criminals can trade 1 million e-mail addresses for $8. A full identity, including name, birthday, social security number, ATM pin and credit card information can be bought for $15.
“And we are not even talking about the big league players in cyber crime. A company made $180 million in 12 months just by selling fake security software,” Ferguson said. “People were basically paying to infect themselves as they didn’t know the software was malicious.”
“This is particularly dangerous with older people, as they tend to treat their PCs as their doctors, they will just listen to whatever the computer tells them to do,” Ferguson said.
He also provided a few examples on how criminals make money aside from selling outright fake software. There is the “ransom net,” where after a computer is infected by malware, all files would be encrypted and the user has to follow the criminal’s instruction to buy the key to decrypt and retrieve the files. Malware can also send out spams from one’s e-mail account and replace advertisings on websites.
In response, Trend Micro, the largest Internet security company headquartered outside of the U.S., just launched its new Titanium Securities for netbooks this month in an effort to help Internet users best combat malware.
“We provide dynamic and real-time protection, and we are the first company to develop its own intelligence on malware,” Ferguson said.
The company, a top consumer brand in Asia with its headquarters in Tokyo, has been in business since 1988. Nearly a quarter of its 4,000 staff is in the “threat research” department as the company aims to break the malware chain as early as possible.
In general, Ferguson said security companies, Internet companies and law enforcement are working together to clamp down on cyber crime. However, “The law hasn’t evolved enough compared to the technology.”
He gave a recent case in Spain as an example where a “BOT net” called “Mariposa” infected 13 million users and was stealing information from them. Under the Spanish law, it was not illegal to run a BOT net, so the criminals were only charged for stealing information. A BOT net is a network of infected PCs under someone else’s control.
The nature of the Internet also makes it harder to track down a criminal of cyber crime, as it crosses borders and is hard to understand. “It is not like a bank robbery. There is no eyewitness or video footage,” Ferguson said.
Criminals will go anywhere that has a good Internet infrastructure, so in the end the key is education so that users can protect themselves. People need to constantly be aware and also need to update their Internet security measures frequently to detect and get rid of new malware, Ferguson said.