If there was any part of the economy that wasn’t deeply impacted by the recession in 2009, it was the cybercrime industry.
The 15th edition of Symantec Internet Security Threat Report (ISTR) found that the underground digital economy didn’t take a hit during the tough year that was 2009. But it did switch tactics. Marc Fossi, executive editor of the annual report, said that phishing attempts, for example, switched focus from fraudulent ads for credit cards for fraudulent ads for mortgage reductions or loan consolidation services. Still, in terms of the goods on offer, the tried and true remain solid.
“We still see credit card info and bank account credentials as the two most advertised items [on underground trading forums],” Fossi said.
One shift the security vendor did see was a geographic shift, as 2009 proved the year that cybercrime moved into emerging markets. While overall rates of malicious activity remained consistent in markets including Canada and Germany, those countries slipped down the nation rankings (Canada was down to 16th in overall malicious activity) due to rapid growth in emerging markets, particularly in Brazil and India. It marks the first time Germany has been knocked out of the number-three slot for malicious activity, having given way to Brazil for that dubious honour. Fossi noted that attacks from emerging nations were often botnets and other attacks that may not in fact be from that nation, but appeared to be coming from those emerging markets.
“Their infrastructure is growing more rapidly than they can secure it,” Fossi said of emerging nations. “There’s such a demand for increases in broadband that all resources are going into fulfilling those requests, they don’t have the resources to secure that new broadband.”
