Tag Archives: Norton Cybercrime Report 2011

WARNING! You Are Now Connected To The Internet!

imageAny organization which provides services that expose the end user to risks – physical risks, financial risks, health risks………. expects that the user will assume the reasonable risks associated with the consumption of the service.

You can be sure, if you go on an African safari you will be required to assume the risk of being eaten by a Lion – ouch! If you venture on a mountain climbing vacation – you will have to assume all the risks associated with this type of activity – including the risk of personal injury, and even death.

image

In both of these extreme examples, you will be required to demonstrate that you are aware of the risks, and accept and fully assume those risks, and hazards, associated with the activity.

In order to protect its interests, the service provider will demand that you sign a liability waiver designed to mitigate its responsibility in all but the most egregious of circumstances.

This is a two-fold practical warning solution .

It ensures that the consumer has considered the risks, and found those risks tolerable.

It offers protection to the service provider in the event, the consumer behaves outside common sense boundaries.

Why then, I wonder – given the constantly deteriorating state of Internet security, and the privacy, financial, and assorted other risks that a typical users is expected to assume (users who are largely unaware of the assumed risks) – Internet service providers have not considered the appropriateness of providing a “WARNING! You Are Now Connected To The Internet!” notice to consumers on Browser launch. No waiver of liability required – just a constructive warning.

Such a notice, might offer practical advice such as the following – but certainly not necessarily limited to these innocuous tidbits.

Users should be aware that the Internet is not a secure medium and that third parties may be able to obtain information regarding users’ activities.

The validity or accuracy of information found on the Internet should be considered with caution.

Some resources and destinations may contain material that you might find offensive, or inappropriate.

Software downloaded from the Internet may contain malware.

I have no doubt that Internet service providers could make a persuasive argument as to why they don’t have an obligation to educate consumers on the very real risks associated with the use of their service. But, in my view, there are fundamental considerations over and above a – “they don’t have an obligation” mindset.

Just one consideration –

Lack of consumer security awareness has led to the creation of a cyber crime industry – and, there’s little doubt that it is an industry – which is responsible for the theft of $388 billion globally (Norton Cybercrime Report 2011), in the past year, alone.

Additional information from the Norton Cybercrime Report:

Every day of the past year, over 1 million online adults in 24 countries experienced cybercrime.    This can also be broken down to 50,000  victims per hour, 820  victims per minute, or 14 victims every second.  In just the last 12 months 44% of people have been a victim of cybercrime while only 15% have been a victim of physical crime in the same period.

Norton emphasizes the point (made here many, many times), that cyber crime can be largely prevented if – good security practices (which includes patched operating systems and applications), are followed.

All well and good – provided, consumers are regularly reminded of the Internet risks they face. It’s my view, that Internet service providers can do much more to raise an awareness of these risks.

It may be a pipedream when I think that ISPs should consider their moral obligation in this matter – still, I can’t help but think out loud.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

15 Comments

Filed under Opinion, Point of View

Are You A Sixty-Nine Percenter?

imageHopefully, you are not a member of the sixty-nine percent club. If you’re not, then you have not been a victim of cyber criminals – unlike the two thirds of online adults (69 percent), who have been a victim of cybercrime in their lifetime.

According to the United Nations telecommunications agency (January 2011), the number of Internet users now exceeds the two Billion mark, worldwide. It’s easy to see then, that cyber criminals have a virtually unlimited playground in which to ply their trade. And, they do just that – with a vengeance.

Symantec, in it’s recently released Norton Cybercrime Report 2011, makes the point that every second 14 adults become a victim of cyber crime – which translates into one Million+ Internet users who are duped by the detestable sleazebag members of the cyber criminal community – every day. Let’s take it a step further – if we annualize this number, we end up with a shocking 431 Million cyber crime victims.

image

Graphic courtesy of Symantec

The sheer number of victims is appalling, but the hard monetary costs involved are stunning.

Global cost of cybercrime – from Symantec:

With 431 million adult victims globally in the past year and at an annual price of $388 billion globally based on financial losses and time lost, cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288 billion).

At $388 Billion, cybercrime is more than 100 times the annual expenditure of UNICEF ($3.65 billion).

I’ll borrow a concept from the Real Estate industry for a moment, and that is – the concept of, “highest and best use”. The use of money can also be described in this way, and the following graphic illustrate how cybercrime can impact this concept at a societal level. It’s rather telling, what those diverted dollars, if employed elsewhere, could accomplish.

image

Graphic courtesy of Symantec

It’s important to understand that cyber criminals are not selective – it doesn’t matter where you reside – the entire Internet community is fair game.

image

Graphic courtesy of Symantec

While an installed Internet security suite (or a stand-alone AV application), won’t eliminate all cyber crime risks, it is effective in reducing risk exposure to manageable, and acceptable levels. One has to wonder why 41 % of those surveyed (as illustrated in the following graphic), connect to the Internet while running out-of-date security software.

image

Graphic courtesy of Symantec

It’s common practice for members of my group to query clients on the state of Internet security, the protective measures they have instituted to ensure both their own safety, and the safety of their systems, while connected to the Web – so, I’ll not take issue with the statistics in this graphic. Except to say – they may be underestimated.

Within my group, we find that a significant percentage of polled clients have little interest in Internet security, and fail to understand the vulnerabilities and issues that surround computer system security.

Common responses to queries include:

Security applications are too confusing and hinder my “fun” by slowing down system response time.

I didn’t know I shouldn’t click the ‘YOU ARE A WINNER!!!!’ banner.

My anti-malware application has let me down – how was I supposed to know I was downloading a bad program!

I’m not sure how my machine got infected – it just happened.

I like to download from Crack sites and Peer-2-Peer networks. So what?

I got a popup saying I was infected, so I clicked on it. What else was I supposed to do!

I didn’t know I was supposed to read the End User License Agreement – I don’t even know what that is.

I thought I had Windows update activated.

What do you mean I should update ALL my applications?

What’s a Firewall – never heard of it?

On the face of it, it might appear as if these types of responses are somehow not very typical. Unfortunately, these responses are not only typical, but characteristic of the majority of the home computer users’ my group comes into contact with every day.

Given this abysmal performance  the following is worth considering –  “In the past, the Internet consisted, mostly, of smart people in front of dumb terminals. Now, the reverse situation dominates”. It may seem a little facetious – but is it, really?

More and more it’s obvious to me, that relying on computer users taking responsibility for their own security and safety, is a non-starter. It’s just not happening. Personally, I hold out little hope that this will ever happen.

In the circumstances, it’s well past time that the “controlling interests” develop a rational approach to the underlying security issues surrounding the Internet – failing which, cyber crime will continue to flourish, and successful attacks on computers over the Internet will continue to proliferate.

Equally as important, in my view – we need a concerted effort from law enforcement, at every level, to actively pursue those who continue to cause havoc on the Internet.

Despite the fact that cyber crime could not be a more pressing problem – one which gives rise to significant human and financial costs – the naysayers, and the “can’t be done” proponents have the field, for the moment. But, only because we, as a society, allow it.

It’s time you demanded a much more aggressive response to cyber crime from those who are charged with ensuring your safety and security – whether it be in the “real” world, or the “virtual” world of the Internet. It’s time that you let your voice be heard. It’s time to emulate Peter Finch and state – “I’m as mad as hell and I’m not going to take it anymore!”

If you’re interested in the full Norton Cybercrime Report 2011, it’s available here in multiple languages.

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

2 Comments

Filed under Cyber Crime, Cyber Criminals, cybercrime, Malware Reports, Norton, Reports, Symantec, Tech Net News