Business Today
Loading...

Booming underground

Underneath the thousands of portals and social networking sites we visit, lurks a fl ourishing underground market for fraudrelated services. According to a recent study titled ‘Report on the Underground Economy’ by Symantec’s Security Technology and Response (STAR) organisation, the total value of these goods could be over $276 million (Rs 1,380 crore) between July 2007 and June 2008. Here’s how the Internet underground makes its money and why it is hard to nail.

Rahul Sachitanand | Print Edition: December 28, 2008

Underneath the thousands of portals and social networking sites we visit, lurks a fl ourishing underground market for fraudrelated services. According to a recent study titled ‘Report on the Underground Economy’ by Symantec’s Security Technology and Response (STAR) organisation, the total value of these goods could be over $276 million (Rs 1,380 crore) between July 2007 and June 2008. Here’s how the Internet underground makes its money and why it is hard to nail.

Safety first
The underground economy is geographically diverse and generates revenue for cyber-criminals. North America hosted the largest number of such servers–45 per cent of the total. The geographical locations of these servers are constantly changing to evade detection.

What is to be done:

  • Use filtering and anti-spam software
  • Regularly update security software such as anti-spam solutions
  • Limit private information on computers, especially if it is an offi ce machine
  • Your wife’s or your pet’s name isn’t a great idea for a password. Neither is ‘123’ or your birthday
  • Avoid the ‘remember password’ selection provided on most websites. Hackers could gain control of your computer and steal this information

Phishing figures
India is a fast-growing Internet market and most new consumers are unsuspecting browsers—easy prey for hackers. India has 81 million Internet users, according to an Internet Governance Forum report, released in December and attacks seem to be increasing every day.

  • Symantec has observed over 1,000 unique phishing attacks on Indian banks last year
  • 600 phishing URLs with IP addresses are hosted in India
  • India ranks in the top 10 countries from where spam originates
  • In September 2008, India fi gured in the top 10 countries hosting active zombie machines. Zombie is a term given to a computer that has been compromised

Server lifespans
What makes enforcement harder is the very nature of IRC (Internet Relay Chat) servers; they can be set up and taken down quickly—within 10 days. One of the largest observed IRC servers had 28,000 channels and 90,000 users. Here’s the average lifespan of IRC servers.

Top theft: credit card data
Credit card data is by far the most sought-after information by scamsters. Over half the demand from hackers scanned by Symantec was for credit card data, with identity information— user names and passwords, for example—a distant second.

The bad guys use a complex network of IRC servers to advertise their services.

What the hackers need
Getting hold of tools to hack into accounts comes at a price. And like any other economy, prices are based on supply and demand. Like buying produce from a wholesale market, some software could even be bought in bulk.

Underground supermarket
Hackers have their pick of illegal commodities, ranging from confi dential bank data and credit card details to complete personal identities. What’s worrying is a complete identity is available for Rs 45 and credit card data for as little as Rs 25.

Youtube
  • Print

  • COMMENT
BT-Story-Page-B.gif
A    A   A
close