As cybercrime rises, so does a new – and successful – breed of cybercops
Cybercrime is increasing, but one new study finds that cybercops have become a lot more effective at discovering data breaches and informing the often unaware victims.
Amid the flurry of cybercrime news that dominated headlines last year, from rampaging hacktivists and cyberspies to rising sabotage threats to infrastructure control systems – there was something else: the cybercops on the beat did a better job, too.Skip to next paragraph
Subscribe Today to the Monitor
While most studies and surveys found cybercrime was increasing and spawning more serious threats to society, one new study also finds that cybercops are doing a lot better at discovering criminal data breaches on their own – and then alerting the victim companies that frequently often had no idea of the financial and other data being stolen from their networks.
“The good news for organizations is that the effectiveness of law enforcement to detect breaches increased almost five-fold in 2011,” according to the Trustwave 2012 Global Security Report, published by a Chicago-based cybersecurity company that tracks cybercrime trends.
Of the approximately 3,000 organizations that reported a cybersecurity breach to Trustwave last year, 33 percent had been notified by law enforcement. That's compared with just seven percent in 2010, the report said.
That nearly five-fold jump is mainly thanks to an increased focus on the problem, including more resources devoted by national crime units like the US Secret Service, Australian Federal Police, and the UK’s Serious Organized Crime Agency, as well as international groups like Interpol.
“Law enforcement groups are just a lot more focused now on cybercrime than they were before,” says Nicholas J. Percoco, senior vice president of Trustwave SpiderLabs. “We know that they really started stepping up their efforts in 2010, seizing more criminal systems, making more arrests, finding more victims – and doing a lot more victim notification.”
Typically, agents invading botnet servers and other criminal computer networks discover stolen data – and they go tell the victim companies.
One might be forgiven for having missed that improvement, it was so overshadowed by bad news.
At least 58 highly publicized hacking attacks occurred in 2011, with victim organizations around the world ranging from law enforcement agencies, Fortune 500 companies, and governments, to defense agencies and military contractors, according to a Monitor tally of several studies.
Meanwhile, a global survey of 200 computer security professionals working in critical infrastructure industries warned that cyberexploits and cyberattacks on vital infrastructure are now widespread – and that the perpetrators range from cybercriminals engaged in theft or extortion to foreign governments preparing sophisticated attacks, the report says. The Stuxnet worm was last year's key example – a cyberweapon that targeted Iran's nuclear program and damaged it, and which experts say could be modified to damage other systems.
“Hacking has become a normal business practice for some countries, because there are no penalties and no consequences for bad behavior,” James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies in Washington told the Monitor in an e-mail interview last fall. “This is a golden age for espionage.”