Over the decade, cybercriminals have been able to make hundreds of millions of dollars with “less risk than traditional crimes”, according to the report, a Good Decade for Cybercrime.
“With its rich landscape of e-commerce sites, paid services and online banking, the Internet became a treasure trove of money and information that proved irresistible to cybercrooks. Suddenly, the banking and credit card information of billions of people were potentially accessible to those employing the right exploit or scam”, the report observed.
Dave Marcus, director of security research at McAfee Labs, said the report shows how cybercrime developed in maturity and pervasiveness over the last decade. In the early part of the decade, most of the cyberattacks were carried out by hackers trying to demonstrate their skills at disrupting computers and networks. But as the decade progressed, cyberattacks were increasingly carried out by organized criminal gangs bent on profit, he related.
"Over the last few years, we have seen bad guys develop the ability to target individual companies or groups of companies", Marcus told Infosecurity. "It's a different ballgame than earlier in the decade."
As McAfee Labs gazes into the future, it sees an explosion of social networking scams and abuse of location-based services.
“With more and more users posting where they are in the physical world, crooks have ample opportunities to figure out users’ patterns, current location and when they’re away from home. Put together with other available online information, such as their address, this online data can lead to serious real world crimes, like robbery”, the report warned.
In addition, mobile devices will increasingly come under attack from cybercriminals. Mobile threats have become more targeted, and McAfee Labs predicts that 2011 will be a “turning point” for targeted threats against mobile devices.
"Businesses have to support more mobile devices than ever before. A person gets a gift of a handheld device and assumes it can be used at the office....There is a huge opportunity there for the bad guys because businesses are struggling with how to manage all these devices. It gives the cybercriminal a window of opportunity", Marcus said.
Businesses need to be "looking at what their mobile protection strategy is right now, not just from the point of view of how can I put security technology in place, but how am I managing it, how am I applying policy to it, and how am I allowing it to connect securely. They need to be looking at all of these non-standard Windows devices right now", Marcus stressed.
In addition, companies should decide how they are going to deal with social media. Should they allow it? If yes, then are there rules in place governing social media use? "They need to get policies and procedures in place for how they can empower people to use social media without endangering themselves and the business", Marcus added.
The McAfee Labs' report predicted: “While many of the types of attacks will stay the same (i.e., phishing, dangerous websites and downloads, and spam) cybercrooks’ methods will become more targeted and clever. The days of destruction for bragging rights is over – now it’s all about money and discretion”, McAfee Labs concluded.