Feeds

E-crime costs UK business billions

Say electric detectives

  • alert
  • submit to reddit

Providing a secure and efficient Helpdesk

Detective Chief Superintendent Len Hinds, head of the National High Tech Crime Unit(NHTCU), warned British business today that denial of service attacks, coupled with threats of extortion are the fastest growing threat faced by IT departments.

Hinds said: "We're seeing a marked increase in distributed denial of service attacks being utilised alongside extortion demands - like those suffered recently by online gambling sites."

He also warned of the increasing sophistication, and number, of spoof websites: "Eighteen months ago you would probably have realised the spoof site was a fake - but they are more sophisticated now, they appear part of a genuine site and they are set up to collect data." The number of such attacks reported to the NHTCU jumped last year from seven to over 50.

Hinds was speaking at the launch of the NHTCU Hi-Tech Crime Survey for 2003. Researchers from NOP spoke to 201 large and medium enterprises. A quarter of these were from the financial sector and more than half had over 1,000 employees.

Some 83 per cent admitted to being victims of some form of hi-tech crime during the year. Of these companies, 77 per cent had suffered a virus attack, 20 per cent a denial of service attack, 17 per cent financial fraud and 15 per cent saw a corporate website being spoofed.

The NHTCU asked businesses to estimate the cost of these attacks and reached a total figure of £195m. Three financial institutions accounted for £60m of this loss.The figures include not just stolen money but also the cost of downtime and damage to the company's reputation.

The survey marked the start of the second e-crime congress. For more information click here

David Aucsmith, architect and CTO of Microsoft's security business and technology unit, was asked if Microsoft security patches were part of the problem. He admitted that the process of installing patches was "not as painless as possible", but he said the company was working to improve the process.

In future patches will be smaller and most will not require a reboot - which Aucsmith compared to fixing a plane in flight. They will become Microsoft updates for all systems not just Windows. Aucsmith declined to comment further because Chairman Bill will be detailing the changes at the RSA conference this week. ®

Related stories

Police arrest online cannabis dealers
UK ID theft gang jailed for £350K fraud

a href="http://www.theregister.co.uk/content/archive/33526.html"UK banks and police proffer anti-phishing advice>&Reg;

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.