Feeds

On-line ‘mass victimization’ inevitable – study

Only robust tech employment stands in the way

  • alert
  • submit to reddit

SANS - Survey on application security programs

Opportunities to sniff about corporate networks and steal valuable data are ever-present temptations in the technology field, and it's beyond question that company secrets are occasionally sold to the competition by trusted employees for personal financial gain.

Furthermore, there's a large number of people about with the skills to break into remote networks without being detected, and heaps of automated tools enabling the less-than-leet to prey on the less-than-savvy in fairly hefty numbers.

The situation, however bad it is (and opinions do vary), would be heaps worse were it not for a steady supply of good job opportunities in the tech field, a study by the Gartner Group to be released within a fortnight observes.

"A factor inhibiting [such] attacks is the presence of a strong international market for employment of skilled technologists at good wages. In other words, most of the people who can execute [such] attacks find honest work, and do not need to turn to crime to make a living," the study, titled "The Era of Mass Victimization", notes.

Indeed, a recent article by Wired bears this out, revealing that according to the US Department of Labor, companies in the computer and data processing sector continue adding rather than chucking workers, in spite of what the media fascination with dotcom blowouts would lead one to imagine.

While certain regions of the New Economy are clearly (and deservedly) imploding, overall employment opportunities continue to be strong, the Gartner report's principal author, Richard Hunter, told The Register.

"Regardless of what's happening in particular sectors, industries remain dependent on technology and will continue to need tech workers," he told us.

But before we sigh with relief, it's worth noting that the world economy could at any moment reverse itself, and further that there is a vast supply of very capable computer enthusiasts living in regions where 'gainful employment' means something quite different from what most of us would take it to mean.

"A programmer living in Eastern Europe who gets a job earning $50 a month is a lucky programmer," Hunter notes. Then of course there's Russia, India, China, Nigeria, to name but a few places where tech training is good, and where the fully employed are paid poorly enough to make crime a very real temptation.

This mixture of opportunity and temptation combines unfortunately with a growing realization that cyber-crime enforcement is exceptionally poor and haphazard. Thus, "the economic value represented by cyber-crimes will increase by two to three orders of magnitude," by 2004.

And because so many tools exist or can be adapted to attack large numbers of Netizen, it's quite likely that "by the end of 2002, at least one incident of mass, surreptitious victimization of thousands of Internet users will have occurred in which the object was not vandalism, but theft. Given....the state of international law enforcement on the Web, the identity of the thief will remain unknown," the study predicts.

Of course if the economy tanks in the mean time, we can probably expect a few more such incidents within the same time-frame. So get to work. ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.