The amount of malicious code has been constantly increasing together with its sophistication, mostly due to the ever-growing omnipresence of the internet. The year 2007, however, has been the most (un)successful up to date. During the first half of the year, the amount of malicious code intended to infect users’ systems with Trojans, keyloggers and whatnot, has become 5 times larger than it had been in 2006, while phishing scams increased by 150%.
These statistics were announced by Microsoft at the RSA Security conference in London. The survey was conducted by the Ponemon institute, who interviewed over 3,600 security, privacy and marketing executives in the US, UK and Germany.
The survey showed the growing interest in stealing personal information for profit, thus making users’ privacy guarantees scarce. Cyber-crime is now an activity closely connected to organized crime rings, with a lot of money to fund operations and big profits. Another reason the number of attacks has grown is the increasing number of international business deals, making companies exchange information outside country boarders.
Especially interesting targets are CEOs’ computers: information on company mergers and such can be worth millions of dollars underground.
"As the security of the operating system improves, we are seeing cybercriminals becoming more sophisticated, diverse and targeted in their methods of stealing personal information. Personal information is the currency of crime and malicious attackers are targeting it to make their attacks and other scams more authentic, credible and successful — and to make a profit," said Ben Fathi of Microsoft in a keynote address at the RSA Europe Conference.
With the current situation, there is a need for cooperation between companies’ marketing, security and privacy departments – an initiative, that makes security breaches a lot less in number: only 29% of companies with necessary cooperation reported one or two security breaches over the last two-year period, whereas 74% of companies which do not practise this method have had breaches during the same period.