Police chief warns of rise in cyber crime

Britain is facing a rising tide of online crime such as bank fraud committed by computer hackers, the country's most senior policeman has warned. 

By Alastair Jamieson

Sir Paul Stephenson, the Metropolitan Police Commissioner, said organised crime gangs were increasingly turning to the internet in pursuit of illegal profits.

Writing in the Sunday Telegraph he said forces faced with a budget squeeze should not cut specialists tacking such complex crimes in order to maintain bobbies on the beat, adding "Uniform officers alone will not keep the streets safe."

Sir Paul said it would be "fundamentally misguided" to scale back efforts against internet crime when the growth of online shopping and banking has made Britons more vulnerable than ever to electronic fraud.

He warned: "My investigators tell me the expertise available to law enforcement is thin, compared to the skills they suspect are at the disposal of cyber criminals."


The warning comes after 11 suspects were charged last week in London, and 37 in New York, at the culmination of the year-long Operation Trident Breach investigation involving the Met and the FBI.Detectives believe a global fraud ring stole $70 million (£44 million) from online bank accounts using the Zeus Trojan, malicious software spread by email which infected thousands of computers and gained access to passwords.

Five more suspects arrested in the Ukraine were said to be kingpins.

In a separate case, another major cyber fraud trial will begin next week.

Sir Paul said organised criminals were "waking up to the profits and uses of e-crime" as an easier way to extort larger sums of money, adding: "The modern Tony Soprano-style crime lord will have a cyber expert on hand."

Yet he disclosed that of the 385 officers in England and Wales dedicated to online work, 85 per cent are fighting people-trafficking and child pornography – leaving fewer than 60 to fight financial crimes such as bank fraud.

Police forces are braced to bear their share of public sector budget cuts, with the Police Federation saying that as many as 40,000 jobs might be axed across England and Wales over the next four years.

Warning against political pressure to maintain the number of uniformed officers, Sir Paul said specialists working on e-crimes were "unseen officers, as far as the public and some politicians are concerned".

"Some commentators argue that we should concentrate on uniformed policing and draw back from specialised work that could be done by others," he said.

"Leave cyber crime to the banks and retailers to sort out, the argument runs. It's a fundamentally misguided argument.

"If the debate about police cutbacks gets bogged down in arguments about 'uniforms before specialists' we will not serve the public well."

He added that online fraud caused "deep distress" to victims and "threatens the integrity of our modern economy".

The Met's e-crime unit cost £2.75 million to run last year, but online fraud generated an estimated £52 billion worldwide in 2007.

It is estimated that the global 'virtual task force' of which the Met is part prevented £21 in potential theft for every £1 spent on it.

Sir Paul said police were only tackling 11 per cent of the 6,000 organised crime groups in England and Wales "in an operationally meaningful way".

source: Telegraph.co.uk

CYBER CRIME & YOU Part 1 ….. be vigilant you could be the next victim By Akubo Patricia NYSC MDGs Corps Member

A new report by the Internet Crime Complaint Center has named Nigeria, Africa’s largest telecom market by investment and subscription, number three in the world, and the top African nation in the U.S. Agency’s cybercrime rankings. This means that Nigeria has the highest number of cybercrime incidents in Africa and is right behind the U.S. and the U.K which have larger populations. The publicity surrounding Nigerian cybercrime is raising fears that the country may face a slowdown in international investment in the telecom as well as the financial sectors.
As more Africans use the internet for their banking needs, the number of fraudsters eyeing people’s bank accounts and online financial transactions has also multiplied.
The United Nations Office on Drugs and Crimes estimates that Nigeria has lost millions of dollars through cybercrime, and Nigerians have been impoverished through the activities of these fraudsters.
Characteristics of Cyber Fraud
•altering computer input in an unauthorized way. This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes;
•altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect;
•altering or deleting stored data;
•altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common.
Other forms of fraud may be facilitated using computer systems, including bank fraud, identity theft, extortion, and theft of classified information.
A variety of Internet scams target consumers direct.

source: letsrealize.wordpress.com

Cyber crime poses threat to E-commerce

The past 12 months have been a banner year for cyber crime. And that could be bad news for the future of e-commerce.
“At current trends, in three or four years people will start to think twice about transacting on the Web, individuals and businesses,” said Michael Fraser, director of the communications law centre at the University of Technology Sydney.
“The way it’s trending now, the Web could be so full of rubbish that people won’t trust it,” Fraser said. “That could destroy the potential of the whole knowledge economy, which so many developed economies are counting on for the competitive advantage.”

According to antivirus maker Symantec, 87 percent of e-mail traffic in the past year was spam, compared to just under 70 percent in 2008. More than 40 trillion spam messages were sent according to Symantec, which monitors about a third of the world’s e-mail traffic. That’s about 5,000 spam messages for every person on the planet.
More of that spam is harboring malicious software, or “malware,” — 2 percent of spam contained malware, a 900 percent increase from the previous year.
Malware comes in a variety of forms that can search computers for bank information and personal details for identity theft, or hijack computers to become foot soldiers in a spamming army of zombie “botnets” — often unbeknownst to the owner. In Australia alone, an estimated 10 percent of computers are infected with malware, Fraser said. “And we’re relatively low because we have less (broadband penetration) than many other countries,” he said.
The past year saw an explosion of individuals on social networking sites such as Facebook having their accounts compromised and spam being sent to friends within their network.
In this way, cyber criminals have made the attacks more personal because they are sending out messages appropriating victims’ names, says Marian Merritt, an Internet safety advisor for Norton, the antivirus brand produced by Symantec. “In the past, people felt annoyed by spam, they didn’t really feel a sense of being attacked,” Merritt said. “But if your Facebook account is hacked, it’s embarrassing.”
The past year has seen the rise of “scareware” — malware that parrots a legitimate antivirus software program and then infects the computer with “the very malware it purports to protect against,” a Symantec report said. For a 12-month period ending June 30, Symantec received 43 million reports of scareware installation attempts.
“That took a lot of us in the industry by surprise the past year,” Merritt said. “You get a pop-up ad saying, ‘you have multiple viruses’ then asks you to download the antivirus software. Once you download those programs, they hold you hostage.”
The speed of news
The past year saw the rising speed and popularity of malware spam and Web sites with touts related to current events and celebrity news. “Who killed Michael Jackson?” “Get swine flu medicine here” and “Full eBook Harry Potter” were some popular online traps to open dangerous e-mail attachments or be directed to Web sites’ malware.
“If you want to know what spam will be hitting tomorrow, look at Google Trends today,” said Merritt, referring to Google’s site that shows hot topics and searches by its users.
One of the most alarming incidents in 2009 for governments and policy makers was the July 4 attacks on U.S. government sites, such as the White House, the New York Stock Exchange and Nasdaq — followed a few days later by similar attacks on Web sites in South Korea. According to a research paper by antivirus maker McAfee, both attacks were made by the same “botnet” of 50,000 computers, which spammed targets with so many e-mails their IT systems were overwhelmed.

Fact Box

Cybercrime Prevention
– Have antivirus software, anti-spyware and firewall
– Never respond to spam
– Don’t open suspicious emails or attachments
– Never provide passwords or personal information to unsolicited emails or Web sites
– When asked to ‘allow’ or ‘deny’ an application access to the Internet, choose deny unless you are confident in the safety of the site you are accessing
– When shopping or banking online, make sure website contains an “s” after http (as in https) . Look for the ‘lock’ icon in lower right corner
Sources: Symantec and Trend Micro

North Korea was suspected as the originator of the attack, leading Dmitiri Alperovitch, vice president of threat research at McAfee, to suggest one motivation of the attack “could have been to test the impact of flooding South Korean networks and the transcontinental communications between the U.S. government … (which) would provide them with a significant advantage in case of a surprise attack.”
The attack highlights the problem of security on the Internet — a transnational attack, using commercial services and tens of thousands of personal computers. To fight the attacks would take strong local and international laws on cyber security, a great deal of cooperation among commercial providers and effective systems to report the crimes — none of which is happening today, Fraser said.
“The community doesn’t know where to turn to when these crimes occur, and the police don’t know how to report it or record it, and prosecutors and court systems have a hard time coping with cases that involve gigabytes of evidence,” he said.
Looking ahead to 2010, antivirus maker Trend Micro predicts that there will be more attacks on Mac operating systems. Previously ignored by malware makers because of its relatively low market share, the booming popularity of iPhones is drawing the attention of cybercriminals.
“As the mobile OS landscape changes, and with devices comprising a huge amount of memory and storing a host of sensitive data, devices such as the iPhone and Google Android may increase as popular targets for bad guys,” Trend Micro reports in its December report, “the Future of Threats and Threat Technologies.”

The introduction this year of domain names in languages other than English — such as Russian, Chinese and Arabic — will also expand the hunting grounds for cyber crime, Trend Micro reports.

Report finds huge boom in online crime

Canadians are more likely to be a victim of crime on the web than on the streets, says a new survey commissioned by the Canadian Association of Police Boards.

 

OTTAWA - Canadians are more likely to be victims of crime on the Internet than they are on the streets, suggests a new survey commissioned by the Canadian Association of Police Boards.

Cyber crime - things such as identity theft, computer viruses and online harassment - is very close to surpassing illicit drugs as the top crime category in North America.

The survey, completed last January by Deloitte LLP, found that nearly half of the 567 respondents had been victims of cyber crime, and 70 per cent said they did not report the crime.

Almost everyone surveyed - 95 per cent - thought they were being targeted by cyber criminals.

“If that doesn’t scare you, I don’t know what will scare you,” said Calgary police Chief Rick Hanson during a news conference Wednesday.

“It’s huge and it’s getting worse,” said Ian Wilms, chair of the Canadian Association of Police Boards. “You lock your door at night time, but people don’t, when online, just take the 30 seconds to update the security patches on their computer.”

The report finds that the number of incidents has increased dramatically since 2001.

“The pool of victims grows larger every day while the pool of perpetrators also gets larger, younger and more sophisticated . . . this is a new era for police, fighting a new type of criminal,” said Wilms in a statement.

Staff Sgt. Dick Nyehuis, head of the Calgary Police Electronics Surveillance Unit, says his department has seen a 1,239 per cent increase in seized computers over the past three years.

“We’ve now seen that there is a need for an online presence so we can monitor website and chat rooms to try and look for and identify people who could be a danger,” said Nyehuis.

“It’s a growing industry and I think it’s going to take a different approach right across Canada to address it,” said Calgary police Chief Rick Hanson.

“We’ve known for some time that it’s a growing crime threat, locally and nationally and internationally. I think this survey shows that more needs to be done.

“Is it a surprise to us? No. But like anything else our resources need to grow with the magnitude of the problem.”

Digital law expert Michael Geist says the numbers seem a little inflated and that could pose a problem for law enforcement.

“It suggests that there is widespread concern about the issue,” said Geist.

“If we’re thinking about how we prioritize law enforcement and address these issues, we need to focus on whether there is significant financial harm or whether personal safety or personal privacy is put at risk.”

The most common definition of cyber crime is broad - a criminal offense involving a computer, meaning that major issues such as child pornography and fraud are lumped in the same category as viruses and spam.

Still, Wilms stressed that action is needed sooner rather than later.

“We can’t afford to let the Internet become a no man’s land.”

Tom Keenan, a University of Calgary professor of computer science said the good news is people are becoming more aware of cybercrime.

“The bad news is we’re not getting quite to the point where people take all the right precautions. We’re kind of locking the front door but then leaving the back door open.”

With files from the Calgary Herald

© (c) CanWest MediaWorks Publications Inc.

 

source: canada.com

Computer Security Expert Busted for Spreading Viruses

By ThirdAge News Staff

Posted October 22, 2010 9:06 PM

 

Computer security expert, Matthew Anderson, is looking at a prison term, for spreading computer viruses.

The 33-year-old from Aberdeenshire, Scotland, has admitted being a key member of a sophisticated international gang of hackers.

He abused his knowledge to target hundreds of businesses with spam containing hidden viruses.

His criminal activities were discovered by Scotland Yard, which led an investigation into the viruses.

The gang, known online as the m00p group, were discovered infecting computers using viruses attached to unsolicited commercial emails.

The Scotsman reports that Anderson composed and distributed millions of spam messages with virus attachments before distributing them.

The viruses ran in the background on an infected computer and allowed Anderson to access private and commercial data stored on them. He was also able to activate webcams, effectively spying on users in their homes and sometimes taking screengrabs.

The hacker also made copies of private documents such as wills, medical reports, CVs, password lists and private photographs.

Anderson, will be sentenced on 22 November.

Read more: http://www.thirdage.com/news/computer-security-expert-busted-spreading-viruses_10-22-2010#ixzz13999MGtv

The government is preparing to issue the Information Security Guidelines to help control cyber crime that has been escalating in recent years.
Addressing a conference on cyber security, emerging cyber threats and challenges on Thursday, Rajan Raj Pant, controller of the Office of the Controller of Certification (OCC), said that the government was working to issue guidelines to help control the increasing trend of cyber crime such as e-mail threats, hacking, internet fraud and identity theft.
The guidelines are being planned by the government at a time when the use of the internet is increasing in sectors like banks and financial institutions (BFIs) and government offices that are sensitive in terms of data security.
“After the issuance of the guidelines, all the ISPs, BFIs and online operators have to abide by them,” said Pant.
“Government sites, sites belonging to banks and financial institutions and online operators must undergo a security audit by the government.” (Source:ekantipur)
source: ktm2day.com

Cyber Crime On A Roll In India

cyber criminals are now targeting Enterprises and Consumers based in Tier III cities.

The ISTR (Internet Security Threat Report) by Symantec states after metro cities its now turn for the cities like Bhopal, Surat, Pune, Hyderabad and Noida which also features in top ten bot affected cities list. However it has not resulted to decline in metro cities. Cyber Criminals have now become more professional and commercial in developing, distributing and using the malicious codes, scripts and services.

The new technology and easy money stuff is responsible for the birth of new hackers and cyber criminals. The new hacking tools and viruses being exchanged among the hackers enable them to break into computer systems more easily than ever before. During the first six months, Symantec had observed an increase in multi-staged attacks. It is an initial attack that is not intended to perform malicious activities immediately but later on.

India is now taking steps to fight against the cyber crime, Indian Police are now being trained on how the Internet, e-mail, and other computer-based tools can be used by criminals to illegally obtain information stored in databases.

In the home to tech hot spots, Banglore, a lab is expected to come up very soon to train more than 1,000 police officers and other law enforcement personnel annually in cybercrime investigation techniques. It will be the third of its kind to provide such services by Indian government after Mumbai and Thane.

“As cyber threats continue to grow in India with more than 30 million Internet users across the tier I and II cities, it has never been more important to remain vigilant and informed on the evolving threats,” says Vishal Dhupar, Managing Director, Symantec India.

Ankit Fadia, the 21-year-old computer whizkid and author of ‘The Unofficial Guide to Ethical Hacking’ said “I could hack a state-owned bank’s website or a government communications website which shows the vulnerability, thousands of Indian websites are being hacked each day”.

He also has announced his association with the Ghaziabad-based Institute of Management and Technology (IMT) for a one year diploma course in cyber security programme through distance learning. In near future such courses can help to take on cyber crimes.
source: www.watblog.com

Indian Police can now track your E-mails

RGXUECW54G5X

The police can now read your e-mails without prior permission from the home department.
The Parliament recently cleared an amendment to the Information Technology (IT) Act, allowing the police to intercept or decrypt online information without seeking the home department’s nod.

Rising instances of cyber crime have prompted the move aimed at cutting red tape.

The amendment empowers the inspector general of police to permit interception or decoding information in cyber space in an emergency.

This will help speedy detection of cyber crimes like phishing or sending offensive messages and in tracking terrorists who operate using the Internet.

Advocate I.P. Bagaria said the amendment was necessary.
“Every citizen has a right to privacy. However, this cannot be at the cost of the state or country,” he said.

The secretary in-charge of the state home department should be informed about the interception within three days of tracking.

The secretary the final sanctioning authority has to grant permission within seven days.

Once the sanction has been obtained, it has to be placed before the Review Committee within two months.

Senior advocate Amit Desai said this period should be reduced. “Otherwise there are chances of misuse of these powers.”

The police had to earlier take permission from the additional chief secretary, home or, in an emergency, the joint secretary.

“Liberalisation of interception is required when the world is dealing with terrorism,” said senior police officer-turned lawyer Y.P. Singh.

The amendment has increased the minimum punishment under the Act to three years and made the offense non-bailable.

Cyber expert Vijay Mukhi said there should be a mechanism to check misuse.

source:www.techchase.in

High-tech war on cybercrime

CYBER POLICE

Police from the cybercrime unit will be equipped with the latest high-tech gadgets to effectively combat online offences. Inspector-General of Police Tan Sri Ismail Omar said this was necessary, especially in the wake of recent postings on social networking sites such as Facebook and YouTube.

He said combating cybercrime would be a priority as police realised that the force had to adapt to an era where information travelled at rapid speed and was circulated locally as well as globally. “We will come up with a new mechanism and procedures to deal with cases involving the Internet, especially on Facebook,” he told reporters after his inaugural visit to the Johor police headquarters here yesterday.

“We are especially concerned with news or information on the Internet that can disrupt racial relations and the country’s harmony.”He was responding to a video on YouTube where a preacher in Kuching, Sarawak, allegedly insulted Islam.

Ismail said the police would cooperate with other agencies such as the MCMC to get to the bottom of the matter.

On Tuesday, pro tem president of the Muslim Bloggers Association Zainol Abideen drew attention to the video clip of a “priest” delivering a talk at a church in Kuching and allegedly insulting Islam and Prophet Muhammad.

“If there is an element where the police can act, then we will take action against the culprit,” Ismail said.

“The matter could be investigated under the Sedition Act.” Every­­­one needed to be mindful of the impact their statements could have, he added.

On another matter, Ismail said the police would act on unsolved cases if full cooperation was given by the complainant or victims of crimes. “We will act on old cases if new evidence or leads are discovered,” he said.

“We urge the public who want the police to act on old cases to come forward and give us their full cooperation.”

He also wanted people to go straight to the police if they had any grievances and not highlight the matter in the media.
Source: www.internetslife.com

Saudi Arabia's Commission for the Promotion of Virtue and Prevention of Vice, known as the Haia, is aiming to set up a unit to combat cyber crimes.

 By ITP.net Staff Writer
According to Arab News, the Haia will establish a cyber crime unit at its Riyadh headquarters, which will initially focus on the issue of women being blackmailed online.

Saudi has recently seen an increasing number of reports of men attempting to blackmail women by threatening to post their photographs online. Use of mobile phone cameras and MMS has increased the circulation of photographs of women's faces, which under the Kingdom's strict traditions and customs, should not be revealed to non-relatives.

The General Presidency of the Commission will set up a temporary office in Riyadh. The group will also monitor illicit websites in the Kingdom, and will co-operate with other authorities to close such sites, the report said.

Cyber crime lab goes online in Mass

As new technology changes the way we live, crime fighters are also taking steps to keep pace with the bad guys.

Today, Massachusetts is showing off a new lab. As NECN's Brad Puffer tells us, it's helping law enforcement follow high tech clues to solve crimes.

Dave Papargiris is head of the Cyber Crimes division at the Masschusett's Attorney General's office.

He's showing off a new lab designed to handle the increasing number of cases involving digital evidence.

“There's a lot of equipment for doing mobile phone, new phones are coming out monthly, we need to have enough tools to work with every phone that is coming out.” Papargiris says they work to assist District Attroney's across the state and offer free trainings to local police departments. All in an effort to respond more quickly.

“If we got a report of a missing child we could go right into that persons bedroom take their computer hard drive out start looking at who their were talking to who they were communicating with.” The Attorney General's office has gone from processing around 50 cases last year to more than 100 this year and they expect that number will only go up.

Martha Coakley: “Everything from cell phones to iPhones to Blackberry's to mobile computers and anything that stores information in a digital way.” Attorney General Martha Coakley says the new lab goes online Wednesday morning at a cost of almost 800-thousand dollars. Funding she says comes from grants, their own budget and the state.

“It's a major investment but in terms of what we need to do for solving crime and providing deterrence it is well worth it.” Investigators say they handle the evidence as carefully as DNA - checking evidence in and providing a static free environment to prevent any damaging shock The hope is to solve crimes faster but with strong evidence that will also convince a jury at trial.
this post is brought to you by: www.internetslife.com