Organized Web Mobsters Getting Jobs Inside

Featured Members

Expert Blog Entries

Expert Blog Comments

IT Worker Confidence Grows
Our lives revolve around technology and this does not surprise me. Good news!

Is Your Team Working Through Lunch?
Brilliant: this should be ENFORCED in all companies struggling to be social! Great read : bookmarked...

What Makes a Great Team Member?
This is so true! Our project management team, and some other people I know fit this description pe...

Organized Web Mobsters Getting Jobs Inside

Share This -

By Rob Siciliano

In 2009, there were a reported 140 million records compromised, compared to 360 million in 2008. In 2010 there have been almost 13 million records stolen. But don’t have a party just yet.

Criminals are fine-tuning their craft and getting better. The industry just isn’t making it as easy. 97% of those records were stolen using malware – malicious software designed to attack the target’s existing systems and software in place.

A reported 50% of the malware was installed remotely. Almost 20% came from visiting infected websites and almost 10% was installed when employees clicked infected links that conned or “socially engineered” them.

A recent Verizon report stated, “Over the last two years, custom-created code was more prevalent and far more damaging than lesser forms of customization, the attackers seem to be improving in all areas: getting it on the system, making it do what they want, remaining undetected, continually adapting and evolving, and scoring big for all the above.”

This may be also attributed to an inside job. A rogue employee on the inside always has the advantage of knowing exactly how to remain undetected.

The report further stated that organized crime rings may “recruit, or even place, insiders in a position to embezzle or skim monetary assets and data, usually in return for some cut of the score, the smaller end of these schemes often target cashiers at retail and hospitality establishments while the upper end are more prone to involve bank employees and the like.”

In the past three years that’s a total of 513 million records. On average, every citizen has had his or her data compromised almost twice. Where’s your Social Security number in that mix?

To ensure peace of mind, subscribe to an identity theft protection service, such as McAfee Identity Protection, which offers proactive identity surveillance, lost wallet protection, and alerts when suspicious activity is detected on your accounts. For additional tips, please visit http://www.counteridentitytheft.com

Robert Siciliano is a McAfee consultant and identity theft expert. See him discuss another data breach on Fox News. (Disclosures)

This article was published by Infosec Island.

Comments (2)

	1. 09-11-2010 05:59
	Internal data breaches are often the most insidious to detect, whether it be someone with criminal intent or a disgruntled employee. Since specific identity theft products are mentioned, LifeLock is also supposed to be a credible service for identity theft monitoring, and there are a variety of credit monitoring services like Equifax's ScoreWatch. Registered

This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

	2. 09-19-2010 20:57
	This is a problem that has always existed and trying to avoid it is tricky as well. While it is possible to screen these employee's when they start it is hard to catch the employees who become compromised after the fact. It is certainly a constantly moving target to catch. -sean Registered