Flourishing underground economy on the internet
Symantec, the IT security specialist, reports that, based on a threat analysis, stolen goods and related services to the total value of $276M were offered on the internet in the course of one year. Stolen credit card information is reportedly one of the most sought after and most offered commodities for criminals on the internet. The report says the proportion of activities relating to illegally offered credit card details is 31 per cent, while demand for these details amounted to 24 per cent of activities. Account information was offered in 20 per cent of cases. Demand for spam and phishing related services proportionally even surpassed supply at 21 per cent.
Symantec says assuming an average credit card limit, cyber criminals could have achieved a maximum revenue of $5.3Bn. The potential value of account numbers offered was stipulated at $1.7Bn.
Symantec's summary, from the results of the year-long analysis it carried out between July 2007 and June 2008, is that the underground economy on the internet has matured into a global market. The report says perpetrators act both in loose groups and in tightly organised gangs. According to Symantec, bank account details are offered for between $10 and $1,000 depending on their overdraft limits – and sometimes the price is even reduced for bulk purchases. The security service provider says cyber criminals acquire the know-how for their internet thefts via skilled staff and experts, for example software programmers and "talented data thieves", they find using normal job adverts.
The reports says that although there is increased pressure through public prosecution, business in the underground economy remains attractive to many criminals. According to Symantec, the servers used for selling illegal goods are routinely relocated to avoid detection. In the twelve months analysed, most of the servers were located in the US, said the security experts, followed by the EMEA (Europe, Middle East and Africa) region with 38 per cent, the Asian-Pacific region with 12 per cent, and Latin America with 5 per cent of servers.
Symantec analyst and security expert Candid Wüest said "Combative and protective measures against such attacks must adapt at the same rate that criminals develop new instruments and methods". The vendor has released the results of its analysis carried out between July 2007 and June 2008 in its "Report on the Underground Economy". For this analysis, Symantec monitored 69,130 active traders and evaluated more than 44 million emails exchanged in underground forums.
- Report on the Internet Underground Economy, Report from Symantec