Cybercrime — an Epidemic?

ChelleChelle writes "'Cybercrime is pervasive, nondiscriminatory, and dramatically on the increase.' So states TEAM CYMRU, an altruistic group of researchers focused on making the Internet more secure. This article is a look into the root causes of Cybercrime, its participants, and their motivations, as well as suggestions on what we can do to stop this epidemic." From the article: "Many victims do not seem to draw the correlation between their losses and cybercrime; worse, they often view it as a crime that is impossible to investigate and prosecute. For cybercrime to be acknowledged as an important issue, the victims must report such incidents to a receptive law enforcement community with a well-informed judiciary. Attempts such as the president's National Strategy to Secure Cyberspace represent a significant first step in the right direction. To have the desired impact, however, the detailed provisions delineated as action/recommendations must be implemented."

My daddy always told me...

[Lumpy]

Where there is money, there will be thieves.

Simple as that, the internet has easy money and easy access. Coupled with the ability to steal from long distance and dramatically lowered possibility of getting caught...

It's a no brainer, of course the level of cybercrime is increasing.

Start with the 'petty-crimes'

[mi]

And I mean, web-forms vandalism. From spammers to Wikipedia vandals. The reaction is always "clean up and forget". Or, when a particular page is too frequent a target — protect it to registered users only.

Not enough, IMO. The vandals should by sought out and prosecuted — {RI|MP}AA style — making a few high-profile prosecutions against (semi-)randomly picked abusers to "drive it home" to others, that one's being far away does not make them immune.

Re:Start with the 'petty-crimes'

[LordSnooty]

But just what is illegal about vandalising something like Wikipedia, where all the text is freely editable as per the GNU FDL? Ah, you were joking... right?

Of course, the US government had a great opportunity to make spam a crime, but the opt-out nature of the legislation meant it was bit of a damp squib.

Altruistic?

[Dunbal]

an altruistic group of researchers

      Just that statement is more than enough to a) scare the crap out of me and b) doubt their "research".

the way i see it ...

[chef_raekwon]

what truly constitutes cybercrime? really?
  - defacing webpages?
  - password sniffing?
  - phishing?

From my perspective, and my opinion may not always be correct -- the flood of 'cybercrime' by 'criminals' is a step in the right direction. They are forcing everyone to rethink our security models, and our plaintext connections. Far too often we neglect and abuse the passing of cleartext information ... a few will have to pay, for the rest of us to move up a few notches in security. Will you continue to use pop3 and imap over the internet? Will you continue to log into Slashdot without ssl?

for far too long, we have been using these insecure protocols -- its time to step up and improve our security. How hard is it to use TLS, SASL and SSL? how about setting up our webservers to have a plain text portion, and a security based portion, using SSL? When will we finally learn to look at the URL when we are providing banking information to some seemingly safe site?

I'll tell you, we will finally have learned, once people have been driven to the point where insecure is no longer acceptable as status quo. Just like Video Card manufacturers that sell their products with 'hdcp compliant' all over the packaging -- so will ISP's, banks, and whomever, about SSL TLS, and secured authentication, etc, on the internet.