AFCC Recommends Adoption of Cohesive Approach to Thwart Cyber Problems

Anti-Fraud Command Center (AFCC) has recently said that cyber criminals have started understanding the importance of information that could be stolen from businesses.

Sam Curry, Vice-President of Product Management and Strategy, RSA AFCC, said that crooks were going beyond general theft, as reported by Computerweekly on June 8, 2009.

Curry further said that the trend of exploitation of intellectual property, business strategies and other critical business information like e-mail addresses was gaining momentum.

In fact, e-mail addresses of top ranking executives at US corporations value nearly $50 each, indicating that phishing attacks may pick up momentum in future, said AFCC.

Fraud-as-a-service is believed to have given impetus to this trend because it is an effective information stealing infrastructure that has been set up using state-of-the-art technology.

According to the RSA AFCC report for May 2009, the evolving trend is pointing to new developments in the cyber world, such as the integration of fast-flux botnets in attack techniques, improvement in Trojan functionality and infrastructure and advancement of fraud-as-a-service. Curry also highlighted growing incidences of money muling.

The AFCC also claimed that cyber criminals including phishers and malware authors were targeting to online businesses and rapidly changing with advanced crimeware to sustain themselves in fast changing cyber world. With each successful attack, cyber criminals are ascending on the ladder of innovation and making their attack tools more sophisticated so that they launch better attacks than previous ones.

After intensive analysis, Curry states that the situation is getting worse since too much of attention is given to the security systems of organizations or companies than attention should be given. Most of the practitioners do not concentrate too much on the security infrastructure as they consider it a task that needs to be completed. Hence, organizations or companies don't pay much heed whether the security infrastructure is functional or not.

Finally, companies should not try to proceed lonely with security infrastructure, but should take advice from others that will help them in improving their online security. A cohesive approach will enable companies to identify the security vulnerabilities they come across, correspondingly helping them to mitigate new attacks.

Related article: APACS Reports Phishing On The Rise

» SPAMfighter News - 6/12/2009