Panel: Cybercrime will grow in 2006

Cybersecurity crime increased dramatically in 2005, and 2006 promises even more incidents, a panel of federal cybersecurity experts said Jan. 24.

Driven by profit, cybercriminals in 2006 will use the massive increase in malware variants created in 2005 to initiate even more insidious and hard-to-detect attacks, said Dave Cole, director of Symantec Security Response at Symantec.

Botnets – remote-controlled networks of hijacked computers – will grow in size and popularity, said Cole, who moderated the discussion that Symantec sponsored in Washington, D.C.

During the next 12 to 18 months, more cyberattacks will be for financial gain and cybercriminals will specialize in creating malware, bot networks and other tools that can take down a network, said Art Wong, vice president of security response and managed security services at Symantec.

Cybercriminals are moving from fame-seeking amateurs to profit-driven professionals developing crimeware during business hours, Cole said.

Cybercriminals are now attacking retirement and 401(k) accounts because that’s where more people are keeping their money, said Larry Johnson, special agent in charge of the Criminal Investigative Division at the U.S. Secret Service.

The Secret Service distributes a CD-ROM for state and local law enforcement to learn about cybercrime at the street level, where the information usually ends up, Johnson said.

Consumers must become more educated because the evolving environment is “more risky, more dangerous than it’s ever been in the past,” Wong said.

To help them, Symantec introduced a new Web site,, Jan. 24 to help the public better understand the changing threat landscape, Wong said.

Cybercriminals are committing financial crimes now but will eventually attack critical infrastructure and government operations, said Andy Purdy, acting director of the National Cyber Security Division at the Homeland Security Department.

To better protect the nation’s cyber infrastructure, DHS has issued a revised draft version of its National Infrastructure Protection Plan (NIPP), Purdy said.

Mandated by President Bush, NIPP establishes a framework for operational risk assessment. It sets measurable milestones of what government and industry need to do to protect major physical, human and cyber assets from terrorist attacks.

The second draft version is a substantial step forward because it clarifies the particular criteria to particular security methodologies, Purdy said. The plan will help the cybersecurity sector apply existing infrastructure to risk assessments in partnership with the federal government, he said.

“It’s important to realize that there is a tendency to think we know what we’re supposed to do,” but the threat environment is changing, Purdy said. “As attacks become more sophisticated, we need more-sophisticated defenses.”


  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.