'Botnets', 'hacker gangs' and 'phishing' is the lingo describing a new breed of criminals now overtaking the illegal drug trade.
Cyber-criminals have 'phished', impersonated, extorted, scammed and spammed their way into a US$105 billion industry that now surpasses the value of the illegal drug trade worldwide*. And with crimes happening in cyberspace, these criminals are more slippery than their 'real world' counterparts - they are difficult to find, prosecute and punish.
Any of us could be aiding and abetting criminals without knowing it! A 'worm' travels from one computer to another via links embedded in e-mails, creating a vast network of computers which automatically send millions of e-mails a day to a Web site in a bid to stop the site from operating. Once the site has been brought to its knees, the criminals extort millions from the business to stop the attack.
These computer networks, or botnets as they are called, can constitute the largest army in the world. Some industry experts have put the size of one of the most recent botnets at 10 million computers**. Any computer connected to the Internet could be part of a botnet without knowing it as the application runs in the background.
These botnets are currently mostly initiated by Russian and Estonian hacker gangs, and largely targeted at gambling sites, but the threat for local businesses cannot be ignored. South Africa is typically behind the curve, so we need to watch this trend to ensure our Web sites aren't affected by the gangs. Botnets and extortion are just one of the ways that criminals are making their money online. One of the biggest fraud issues facing the local Internet industry currently is ADSL bandwidth theft. Gangs - mostly Nigerians living in Gauteng - are using stolen credit card numbers to buy ADSL bandwidth via the Internet. The criminals create a false identity using prepaid cellphone numbers, free e-mail accounts and fake physical address details and order the bandwidth which is then resold at 100% profit to them.
The existing laws do not cater for ADSL bandwidth theft, as the police need a physical location of the crime to issue a court order. The fact is that this is all happening in cyberspace so there is no physical address.
Even if police catch the criminals, prosecuting is a real problem. ISPs don't have the resources to follow up every case. The courts are over capacity and prosecuting for this type of crime is not a priority. In the meantime, local ISPs carry the costs while cyber-criminals get off scot-free.
Much of the crime happening on the Internet preys on ignorance.
Matthew Tagg is MD of WebAfrica.
In addition to bandwidth theft, phishing has become a real risk for local Web users. Phishing involves e-mails which encourage Internet bankers to click on links to update their personal details on a Web site closely resembling their bank's site. Unassuming customers give their all their personal details to that site, not realising they have delivered their confidential information into the hands of criminals.
Aside from the potential of bank accounts being cleaned out, even more dangerous is the fact that the criminals have all the necessary information to impersonate their victim online. Via phishing, criminals get all the details they need to create a complete online identity, enabling them to carry out further fraud under the victim's name. Vigilance is the best defence, and online bankers should never click on links from e-mails to access their bank's site.
In fact, vigilance is the best security measure for Web users in most circumstances. Much of the crime happening on the Internet preys on ignorance. Web users should be cautious where they shop online, and should not fall victim to European lottery scams or requests for money to help someone out of a predicament.
A more vigilant Internet community, training for the police force and an urgency to prosecute and punish cyber-criminals is what is required to ensure local Web users and businesses are protected from fraud. Until this happens, we will continue to be victims of these virtual vigilantes preying on people's innocence and antiquated legal systems.
* McAfee statistics reported on itnews.com on 19 September 2007.
** Figures reported in the Washington Post blog site on 1 October 2007.
* Matthew Tagg is MD of WebAfrica.
Share