Cybercrime threat keeps growing

Former White House security adviser Howard Schmidt has warned that businesses of all sizes face an increased threat from cybercriminals, who now have the power to attack key parts of the internet.

Industrial espionage by foreign governments, attempted fraud and internal threats all need to be taken into account by IT managers, Schmidt said on Monday.

"Governments, to gain a competitive edge, 'acquire' or steal technology," said Schmidt, speaking at a House of Lords event on Monday. "Why pay €20m for research and development when you can spend €5m for the same result?"

While security issues such as identity theft are high profile, Schmidt said that human error is one of the major issues IT departments have to deal with.

"We have a tendency to focus on criminality, but human error has its place. Misconfiguring a DNS router will shut down major parts of a company's network. Internal threats play as much a part as external threats," said Schmidt.

With any computer downtime costing a company money, especially e-commerce sites and financial institutions, IT managers should take account of upcoming threats to their increasingly complex networks, according to Schmidt. High-speed broadband connections, the proliferation of established PC technology, PDA devices and Wi-Fi and WiMax access all mean hackers have increasingly complex interfaces to attack.

"Tomorrow there will be more vulnerabilities and points to defend. We all have colleagues with five computers, PDAs, two laptops, smartphones and home gateways. There are full metropolitan areas with free WiMax, and with that comes collateral damage," Schmidt warned.

Small enterprises in particular will find that they have more points to defend than before, leading Schmidt to recommend that SMEs either spend more on security or turn to managed security services.

With the majority of hacks financially motivated, identity theft was a major concern for Schmidt. This problem has been perpetuated by a recent surge in phishing spam.

"Spam is a threat, not just a nuisance. A surge in the last three months has raised its ugly head," said Schmidt.

Criminals are increasingly using botnets — large groups of hijacked computers — to send out spam and conduct distributed denial of service (DDoS) attacks where they bombard a computer system with data.

Schmidt said that whereas five years ago an attack might consist of 800Mb per second of data, now hackers have the ability to launch 2 or 3GB attacks that could potentially take out large areas of the internet itself.

"There are sustained attacks against top level domain (TLD) servers, which if successful could make a large section of the internet unavailable for two to three hours," said Schmidt.

Detective Constable Bob Burls, who heads botnet crime investigations for the Metropolitan Police, said the last botnet they had cracked had been 20,000 PCs strong. While he could not give any details of the investigation, Burls said that a fast international response was essential when dealing with the problem.

"We use our international law-enforcement contacts. It needs a quick response and someone savvy at the other end [to deal with botnets]. We've established a network of like-minded colleagues who are aware of differences in jurisdiction. You have to be aware of how colleagues operate in different jurisdictions," said Burls.

The Metropolitan Police also link in with the Interpol botnet taskforce, according to detective inspector Charlie McMurdie of the Metropolitan Police.

Schmidt, Burls and McMurdie spoke to ZDNet UK on Monday at a House of Lords event organised by managed security services company Claranet.