Stop them targeting your business
Don't think we're winning the war just because there hasn't been a huge virus outbreak recently. No. Instead of trying to get the biggest headlines, virus writers have been busy making money.
�Virus writers have been busy making money.�
Sarah Gordon - Symantec's expert on virus writers - has painted a picture of hackers that defies some stereotypes but confirms others. Gordon argues that they simply do not feel responsible for the damage they do. Their motivation has been kudos and challenge.
However, some virus writers with, shall we say, negotiable ethics are going over to the dark side. They have found that there is money to be made working anonymously for gangs to make a supply chain of crime. If there's one thing hackers know, it's how to cover their tracks online.
Extortion, theft and scams
A recent report from McAfee, another security software company, found that 70% of malware is now written purely for profit. Criminals make money using these tools in different ways, such as:
�Selling herbal Viagra has nothing on harvesting 20,000 names, addresses and credit card numbers.�
But most of all, the killer app of the internet underground is identity theft. Selling herbal Viagra has nothing on harvesting 20,000 names, addresses and credit card numbers. This is where things get more serious for business users. For example, a million phishing emails might get a few hundred usable credit card numbers. But if a criminal can get a hacker to break into a company's customer database or e-commerce data files, they can collect tens of thousands of identities in one go.
They use stolen identities to run up credit card bills, apply for loans and new credit cards and trade online. Besides the financial loss, victims of identity theft often find that it takes a long time to sort out the damage done when someone drives a bulldozer through their credit record.
A particularly sinister aspect of this hacking is that smaller firms and charities are increasingly being targeted. For businesses, the defences are straightforward:
Burglars tend to avoid houses that are well-lit, have dogs and alarms. They move on to the next place. These basic defences have a similar effect. However, criminal interest in personal data means that, apart from the basics, you need to pay extra attention to your customer or employee records:
Matthew Stibbe writes a new column every fortnight. Sign up to our security bulletin to read them.