Sizing the Opportunity for Opportunistic Cybercriminals
ABSTRACT
According to Graboske, et al ‘the fundamental principle of criminology is that crime follows opportunity, and the opportunities for theft abound in the Digital Age’. But what is the extent of this opportunity? There are numerous hacker toolkits readily available from the Internet that exploits security weaknesses in target systems. This paper presents the results of a 11⁄2- year survey of websites that tested for such weaknesses. The author examined popular ‘hacker’ toolkits and assembled a data collection toolkit that tested for 70 exploits. Whilst some 2 million websites were targeted across the 57 most populous domains, 748,000 are reported. Of these, 77% displayed susceptibility to at least one exploit. Whilst this indicates significant opportunity, it also demonstrates the lack of capable guardianship by system owners and those tasked with protecting cyberspace. The facts that ISPs’ fail to collect identification details and allows bulk system scanning are factors that facilitate the commission of cybercrime.
AUTHORS
Architecture Director, e-Security, Unisys
Australia
Ajoy Ghosh has 11 years experience in the area of computer crime, IT Security and Privacy. After graduating as a Computer Engineer, he spent a number of years investigating computer related crimes for law enforcement. He joined Westpac as an IT Audit Manager and later an Information Security Manager, before becoming the. His current role is Principal Consultant, 90 East (Asia Pacific) Pty Ltd. Ajoy advises a number of industry and government committees on information security and cyber.
Published In
Keywords
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive