70 percent of S'pore Net users hit by cybercrime

Cybercrime is a silent epidemic, says Symantec in a new survey where trust networks are being targeted the most for theft of confidential information.
Written by Tyler Thia, Contributor

SINGAPORE--70 percent of Internet users in Singapore have fallen prey to cybercrimes, which is slightly higher than the global average of 65 percent. Four in 10 people have never fully resolved the issue, and many are suffering in silence, according to a new report by security vendor Symantec.

Of the 455 adults surveyed in April this year, 49 percent were victims of viruses and malware, 17 percent were hit by online scams, 10 percent by phishing, while social network profile hacking and online credit card fraud each scored 8 percent of victims, said the report.

Symantec labels online crime "a silent epidemic" as the majority of victims feel powerless and find it difficult to seek recourse.

The security vendor's Internet safety advocate for Asia, Effendy Ibrahim, explained at a press briefing today that it is the lack of knowledge and faith in resolution that causes victims to be helpless in such situations.

Currently, only Malaysia has a government body, CyberSecurity Malaysia, which the public can report incidents of online criminal activities to. The Internet Fraud Alert Centre, launched in June, is a union of security coalitions and vendors to whom virus and malware researchers can report to and alert about any potential threats they know of.

"Cybercriminals purposely steal small amounts to remain undetected, but all of these add up. If you fail to report a loss, you might actually be helping the criminal stay under the radar," said Ibrahim."Ultimately, the cost of resolving financial crime is [in the loss of] money and time--one way or another, the victim is paying a 'price' and the impact is not just financial but emotional, too.

Almost half of frauds in S'pore not resolved
In the report released Thursday, 58 percent of victims said they were angered by the situation, 51 percent expressed frustration, while 45 percent felt cheated. Symantec also said the NCR is the first report to shed light on the human toll from cybercrime.

The survey revealed that while it took an average of 24 days to resolve a cybercrime, the cost could be as high as US$1,202 (S$1,660) from the replacement of machines. This explains why 43 percent of victims have never fully resolved the matter, even as 26 percent said they do not have the time to do so.

This compares with a global average of 28 days and US$334. In India, while the resolution time is the longest at 44 days, it costs just US$113 to do so. In advanced economies like Sweden, it takes only nine days and US$177 to settle the issue.

Social media sites most targeted
According to Effendy, the advent of social media has allowed cybercriminals to quickly gain access to computers through posing as "friends" on social-networking platforms, and it is usually these trust networks that rogues target.

He further explained that with remote access, cybercriminals may not take action immediately but wait till they are able to amass a huge number of victims. These tricksters then proceed to obtain personal information and sell this for as little as US$0.85 per detail, with credit card information being the most popular target.

With cybercrime becoming an "epidemic" and little action take by victims, it is no wonder the global underground economy is worth US$7 billion. As Symantec's regional consumer product marketing manager for Asia Pacific David Hall pointed out, all it takes is a US$700 Zeus toolkit for one to become a cybercriminal. The toolkit allows computer rogues to create unique malware individual to single users, which can then be sent out to steal confidential information.

The press briefing also saw the launch of the Norton Internet Security and Norton Antivirus 2011 suite, which the security vendor claims is the only suite to achieve a 100 percent protection score in a new third-party test from Dennis Labs.

Hall said the security vendor's unique "Reputation Based Security" instantly checks when and where programs originated to identify and stop new malicious programs. Together with information contributed by "community watch" members, users will be able determine whether their download behavior is risky.

In a bid to provide even more protection to Web users, Symantec has also launched free tools such as the Norton Power Eraser, which targets and deletes fake antivirus and scareware programs that have become increasingly rampant. There is also a Facebook scanning tool that allows users to check links posted on "walls" to prevent clicking on malicious Web sites.

Hall admitted that while consumers still face a higher risk of cybercrime, many are continuing to rely on free antivirus software, which may not be able to defend their computers adequately. Ibrahim added that public education is still key to maximizing protection and ensuring one's best Internet experience, but said this has to depend on other vendors and users contributing to the ecosystem to stamp out cybercrime.

Legislation key to weeding out cybercrime
Also speaking at the press briefing was lawyer Bryan Tan from Keystone Law Corporation, who specializes in technology cases. He revealed that the firm sees an average of five to 10 cases a year, with corporate to personal cases on a ratio of 1:4.

However, it is the "personal" victims that suffer the most, as most do not have deep pockets to advance their case.

Tan also said that a country's legislation is key to weeding out cybercrime, as cybercriminals tend to pick countries with little or no jurisdiction to launch attacks. "While Singapore has been strengthening its computer laws, Asia-Pacific countries are also moving toward improving legislation and cooperating on cross-border investigation," commented Tan.

The U.S. version of the NCR is available here.

Editorial standards