Panel: Cybercrime will grow in 2006

Cybersecurity crime increased dramatically in 2005, and 2006 promises even more incidents, a panel of federal cybersecurity experts said Jan. 24.

Driven by profit, cybercriminals in 2006 will use the massive increase in malware variants created in 2005 to initiate even more insidious and hard-to-detect attacks, said Dave Cole, director of Symantec Security Response at Symantec.

Botnets – remote-controlled networks of hijacked computers – will grow in size and popularity, said Cole, who moderated the discussion that Symantec sponsored in Washington, D.C.

During the next 12 to 18 months, more cyberattacks will be for financial gain and cybercriminals will specialize in creating malware, bot networks and other tools that can take down a network, said Art Wong, vice president of security response and managed security services at Symantec.

Cybercriminals are moving from fame-seeking amateurs to profit-driven professionals developing crimeware during business hours, Cole said.

Cybercriminals are now attacking retirement and 401(k) accounts because that’s where more people are keeping their money, said Larry Johnson, special agent in charge of the Criminal Investigative Division at the U.S. Secret Service.

The Secret Service distributes a CD-ROM for state and local law enforcement to learn about cybercrime at the street level, where the information usually ends up, Johnson said.

Consumers must become more educated because the evolving environment is “more risky, more dangerous than it’s ever been in the past,” Wong said.

To help them, Symantec introduced a new Web site, www.symantec.com/avcenter/cybercrime, Jan. 24 to help the public better understand the changing threat landscape, Wong said.

Cybercriminals are committing financial crimes now but will eventually attack critical infrastructure and government operations, said Andy Purdy, acting director of the National Cyber Security Division at the Homeland Security Department.

To better protect the nation’s cyber infrastructure, DHS has issued a revised draft version of its National Infrastructure Protection Plan (NIPP), Purdy said.

Mandated by President Bush, NIPP establishes a framework for operational risk assessment. It sets measurable milestones of what government and industry need to do to protect major physical, human and cyber assets from terrorist attacks.

The second draft version is a substantial step forward because it clarifies the particular criteria to particular security methodologies, Purdy said. The plan will help the cybersecurity sector apply existing infrastructure to risk assessments in partnership with the federal government, he said.

“It’s important to realize that there is a tendency to think we know what we’re supposed to do,” but the threat environment is changing, Purdy said. “As attacks become more sophisticated, we need more-sophisticated defenses.”

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.