Stuart Corner
Wednesday, 15 April 2009 10:04
Business IT -
Technology
Page 2 of 3
David Dzienciol - Symantec Australia's senior director, enterprise security and partners, Pacific region - told iTWire that credit card details were selling for anywhere between six cents and $30 each and bank account details from $10 to $1000 each, prices that had been maintained despite the downturn in the global economy.
And Gartner this week reported that: "More than five million US consumers lost money to phishing attacks in the 12 months ending in September 2008, a 39.8 percent increase over the number of victims a year earlier."
Gartner surveyed 3,985 US. online adults and found that "although the number of consumers who lost money to phishing attacks increased in 2008, average losses decreased. The average consumer loss in 2008 per phishing incident was $US351, a 60 percent decrease from the year before.
Avivah Litan, vice president and distinguished analyst at Gartner, observed: "The survey findings underline the fact that the war against phishing is far from over. Despite the rollout of a wide range of security measures designed to stem phishing, the truth is that many of them are not yet adopted widely enough to reverse this tide and, in many cases, their effectiveness is only partial."
The good news, at least from the perspective of large organisations seeking to combat this surge of cybercrime is that protection and prevention is not rocket science, it's just a matter of having the right policies and procedures in place and making sure that software is properly patched.
Mark Gourdie, Mark Goudie - managing principal of the investigative response team APAC, Verizon Business Security Solutions - told iTWire: "Complex security is not required to stay ahead of the attackers. Nine out of ten cases could have been avoided with simple security controls... A lot of the breaches are the result of poor systems administration."
He added that many organisations were setting the wrong security priorities. "What we see is a lot of organisations not doing the essentials, but doing excellence in other areas [of IT security]."
For example Verizon Business found that "All hacking and malware that exploited a vulnerability to compromise data were six months old, or older." This is said meant that" "patching quickly isn't the answer, but patching completely and diligently is."
Need all the latest news on telecommunications?
If telecoms is your business: you'll find in-depth, industry-specific news, analysis and commentary in ExchangeDaily
Check out a
recent edition (no forms to fill in) or take a free trial
LATEST HEADLINES FROM YOUR IT
