[ISN] Computer crimes seen as more likely than physical ones

InfoSec News isn at c4i.org
Mon Jan 30 01:33:02 EST 2006


http://www.chicagotribune.com/technology/chi-0601280034jan28,1,1271387.story?coll=chi-techtopheds-hed&ctrack=1&cset=true

By Jon Van
Tribune staff reporter
January 28, 2006

Internet users believe they are more likely to be victims of a
cybercrime than a physical one in the coming year, according to a
survey released this week.

This growing fear of Internet vulnerability is well-founded, computer
security experts contend. Whereas most malevolent software was once a
form of electronic vandalism, it has become a profit-making venture
backed by organized crime.

The survey, commissioned by IBM Corp., found that nearly 40 percent of
respondents do not bank online or use credit card information online.  
Seventy percent said they only shop at Web sites that display a
security protection seal.

"They conduct business with companies they know and trust," said
Stuart McIrvine, IBM's director of corporate security strategy.  
"They're wary of Web sites they haven't been to before and wary of Web
sites with no advertised security controls."

Also, the survey found that people are taking steps to avoid identity
theft and other cyberscams. Eighty-five percent of respondents said
they destroy all documents containing personal information or assure
those documents are safely stored.

Yet fears about cybercrime are not leading to a slowdown in
e-commerce, which continues to boom. Data collected by ComScore
Networks show that people spent $5.5 billion online in the first three
weeks of January for items unrelated to travel. That's a 33 percent
increase over the same period a year ago.

There has always been a subset of computer users who are reluctant to
shop online because of security concerns, said Gian Fulgoni,
ComScore's Chicago-based chairman.

"Something like 40 percent of people don't shop online because of
these concerns," he said.

The survey results are good news, said Scott Pinzon, security chief at
Watch Guard Technologies, a Seattle firm that supplies network
security to businesses. "People are becoming aware of some very real
threats."

Pinzon said that most computer security people have attempted to
thwart hacker threats with technology, believing it's futile to train
computer users in techniques to protect themselves.

"Crooks have been more effective in training users about cybercrime
than security experts," Pinzon said. "People are learning about
Internet security the hard way by being stung by phishing and other
scams. It's rational for them to be wary of online activity."

As more people get high-speed broadband Internet connections, they
tend to spend more money online, McIrvine said. Generally, he added,
the more experience people have online, the more receptive they are to
shopping there.

"Even among people who shop online, more than 90 percent of their
spending is done offline," Fulgoni said. "So e-commerce has a lot of
upside ahead."

As people become more aware of online risks, they're moving to protect
themselves in much the same way they operate offline, said Fahim
Siddiqui, chief executive of Sereniti Inc., a home network services
firm based in Jersey City.

"They're using the same vigilance in traveling the information highway
as they use in driving on physical highways," he said. "When you drive
in your car, you buckle your seat belt for protection. You buy
insurance."

Siddiqui's firm provides firewalls and other computer protection. It
also sells insurance that pays up to $25,000 to cover expenses
incurred by ID theft victims and anti-virus insurance that pays up to
$1,000 to cover harm inflicted upon computers by viruses.

As a practical matter, Web sites that offer pornography and gambling
are more likely to install malevolent software on computers that
visit, Pinzon said.

"If you avoid those Web sites, you reduce the chances you'll be
victimized," he said.

"But that's not to say you won't get some really odious spyware loaded
on your machine from something that promises to turn your cursor into
a cute kitten."





More information about the ISN mailing list