Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

1/25/2011
05:51 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

McAfee Publishes 'Decade For Cybercrime' Report

The past 10 years have been quite profitable for cybercriminals

SANTA CLARA, Calif., Jan. 25, 2010 – For Internet users, it has been a decade of exciting online advances that allow people to communicate, share information and conduct business in ways that were never before possible. However, cybercrime has also flourished over the last decade, growing by double digits year after year, and costing consumers hundreds of millions of dollars every year. The latest report from McAfee (NYSE: MFE), “A Good Decade for Cybercrime,” examines the past ten years of cybercriminal tactics and online threats, an era that dramatically changed the face of crime.

“Cybercrime is one of the fastest growing and lucrative industries of our time,” said Dave Marcus, director of security research for McAfee Labs™. “From the ‘I Love You Worm’ of 2000, to today’s ever-evolving threats on social media sites, we’ve watched these cybercriminals and their tactics grow in sophistication. The days of destruction purely for bragging rights are over – now it’s all about making money and not getting caught.”

Over the past ten years, Internet use has exploded, growing over five-fold from the 361 million users in 2000 to nearly two billion users in 2010, according to InternetWorldStats.com. With a new onslaught of e-commerce sites and revenue opportunities, the Internet has become a trove of money and information that has proven irresistible to cybercrooks.

Snapshot of a Decade

Top exploits representing different eras of cybercrime:

1) “I LOVE YOU” Worm’s False Affection: Estimated damage $15 billion

The “I love you” worm (named after the subject line of the email it came in) proved irresistible in 2000 as millions of users opened the spam message and downloaded the attached “love letter” file and a bitter virus. This infamous worm cost companies and government agencies $15 billion to shut down their computers and remove the infection.

2) MyDoom’s Mass Infection: Estimated damage $38 billion

This fast-moving worm first struck in 2004 and tops McAfee’s list in terms of monetary damage. Due to all the spam it sent, it slowed down global Internet access by 10% and reduced access to some websites by 50%, causing billions in dollars of lost productivity and online sales.

3) Conficker’s Stealthy Destruction: Estimated damage $9.1 billion

This 2007 worm infected millions of computers and then took its infections further than the last two worms on our list, as cybercrooks moved from notoriety to professionalism. Conficker was designed to download and install malware from sites controlled by the virus writers.

Top Scams:

1) Fake Anti-Virus Software – Selling fake antivirus software is one of the most insidious and successful scams of recent years. Cybercrooks play on users’ fear that their computer and information is at-risk by displaying misleading pop-ups that prompt the victim to "purchase" antivirus software to fix the problem. When the victim agrees to purchase, their credit card information is stolen and they wind up downloading malware instead of security software.

2) Phishing Scams – Phishing, or trying to trick users into giving up personal information, is one of the most common and persistent online threats. Phishing can come in spam emails, spam instant messages, fake friend requests or social networking posts.

3) Phony Websites – In recent years, cybercrooks have become adept at creating fake websites that look like the real deal. From phony banking sites, to auction sites and e-commerce pages, crooks are constantly laying online traps hoping you will be fooled into entering your credit card or personal information.

Looking ahead to future cybercrime trends, McAfee Labs predicts the continuation of social networking scams and tricks, such as malicious links, phony friend requests and phishing attempts. The scams are likely to get more sophisticated and personalized, especially if users continue to share a great deal of information.

If you think you may be a victim of cybercrime, visit the McAfee Cybercrime Response Unit to assess your risks and learn what you can do next at www.mcafee.com/cru.

The report featuring “A Good Decade for Cybercrime” can be downloaded here. For more information contact Andrea Heuer at [email protected] or (415) 618-8812.

“STOP. THINK. CONNECT.” Consumer Advice:

STOP. THINK. CONNECT. is the first-ever coordinated message to help all digital citizens stay safer and more secure online. The message was created by an unprecedented coalition of private companies, nonprofits and government organizations.

The coalition advises consumers to STOP. THINK. CONNECT.

When you cross the street, you look both ways so make sure it’s safe. Staying safe on the

Internet is similar. It takes some common sense steps -- Stop. Think. Connect.

Stop: Before you use the Internet, take time to understand the risks and learn how to spot potential problems.

Think: Take a moment to be certain the path ahead is clear. Watch for warning signs and consider how your actions online could impact your safety, or your families.

Connect: Enjoy the Internet with greater confidence, knowing you’ve taken the right steps to safeguard yourself and your computer.

STOP. THINK. CONNECT. Protect yourself and help keep the web a safer place for everyone.

www.stopthinkconnect.org

About McAfee

McAfee, headquartered in Santa Clara, California, is the world's largest dedicated security technology company. McAfee delivers proactive and proven solutions and services that help secure systems, networks, and mobile devices around the world, allowing users to safely connect to the Internet, browse and shop the Web more securely. Backed by its unrivaled Global Threat Intelligence, McAfee creates innovative products that empower home users, businesses, the public sector and service providers by enabling them to prove compliance with regulations, protect data, prevent disruptions, identify vulnerabilities, and continuously monitor and improve their security. McAfee secures your digital world. http://www.mcafee.com

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-28576
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
CVE-2020-28577
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
CVE-2020-28582
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
CVE-2020-28583
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.
CVE-2020-28573
PUBLISHED: 2020-12-01
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server.