Cyber-criminals consider culture

By Ilva Pieterse for Trellix
Johannesburg, 03 Apr 2008

McAfee's Avert Labs shows cyber-criminals are now focusing on a country's culture to target their attacks successfully.

"In the last three years, we have seen a complete change in the tools and methods the cyber-criminal uses," explains Chris van Niekerk, regional director for Africa, McAfee.

"Cyber crime is a very lucrative business," agrees Adriaan Joubert, sales engineer for McAfee South Africa. "As far back as 2004, it became a $150 billion industry which surpassed even drug trafficking."

But now, Van Niekerk says, the daunting thing about cyber attacks is that they are becoming culture-specific. "For example, if you receive an e-mail that is not written in your language, you will ignore it. Cyber attackers are increasingly attuned to cultural differences and tailor social engineering attacks accordingly."

He notes that malware authors adapt language to the Internet domain site and malicious Web sites serve up malware in a language determined by the country in which the target is located.

"Also, you will discover that in countries such as the UK, SA and Brazil, identity theft is more prevalent because of the widespread use of Internet banking in these countries," explains Joubert.

"The Germans, however, do not trust online banking and still prefer to use traditional banking methods. Cyber-criminals know this and do not waste their time sending phishing e-mails to Germany.

"It is important to note, however, that this is not such a large problem here as it would be in the UK," Joubert continues. "Because our contribution to the world market is low, we are not really on the cyber-criminal's radar. The fact that we do not have easy access to the Internet also plays a role."

Furthermore, Van Niekerk points out that malware is undergoing a tremendous boom. "Just to illustrate, in 2006, the number of unique threats identified by Avert Labs was 53 567. In 2007, the count went up to 131 800, an increase of 246%. This year February, that number increased to 371 002, which means the number has almost tripled in a few months. It is predicted that by the end of this year, we will be looking at about 750 000 different bits malware floating around."