Search



AuthenticationWorld.Com

About

This page contains a single entry from the blog posted on December 8, 2006 11:48 AM.

The previous post in this blog was Word zero day flaw only emphasizes the need for layered security.

The next post in this blog is More Word Woes Means Greater Enterprise Risk.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]

« Word zero day flaw only emphasizes the need for layered security | Main | More Word Woes Means Greater Enterprise Risk »

The Future For IT Grads...Organized Crime?

I read an interesting story today on BBC "Criminals 'target"tech students'". The story outlines how organized crime is now actively recruiting IT students. They graduate them from spam type activities, through to botnets and then into more sophisticated attacks. The story also states that organized crime is now paying for IT students university fees and then when they graduate, they offer them full time jobs.

The study also references a report released by McAfee this past July "Virtual Criminology Report". The report outlines the development of organized crime into the internet.

What observations can be drawn from the news story and the report?

1. Organized crime is here to stay on the internet. It is now a "mature industry" for criminals to make money.

2. Criminals are organizing virtual gangs in large numbers to attack medium and large enterprises. You don't have to be a Fortune 1000 company to be targetted.

3. The criminals have large dedicated talent pools to draw upon. For medium enterprises, I think this is worrying. Your small IT departments are trying to handle keeping the IT systems up while at the same time handling IT security. Those few individuals you have dedicated to IT security are reliant upon defense tools like antivirus and intrusion detection and prevention. Facing you are thousands and even perhaps hundreds of thousands of programmers who are dedicated to cracking your defenses.

4. The coupling of local organized crime with the cyber gangs is also very worrisome. The local people can target medium enterprises, obtain information and then contract out the IT work to the cyber gangs. This means that over the next two to three years, you're likely to see more sophisticated attacks on your enterprise using a combination of local people and malware.

5. Not wanting to be a pessimist, buy I can't see the increasing trend of organized crime diminishing any time soon. It will take years for governments to craft laws, increase their policing resources, coordinate across international boundaries and prosecute enough criminals to make them think twice about doing it.

There are dark clouds on the enterprise security horizon. A storm is brewing for the next two years. Time to get ready and deploy a multi-layered security strategy before the storm strikes you.

Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com

Posted by Guy Huntington on December 8, 2006 11:48 AM |

TrackBack

TrackBack URL for this entry:
http://www.authenticationworld.com/cgi-bin/blog/mt-tb.cgi/66

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)