The head of research for a leading internet security company told a media briefing in Sydney last week that more than a million new strains of malware had been smuggled into cyberspace in 2008, more than in the previous 20 years.
"We've crossed the point where there is now more malware in the world than goodware," Joe Pasqua, Symantec's vice-president of research, said.
Which means that Dr Raymond Choo has chosen a career in what is probably the internet's fastest-growing sector.
A research analyst at the Australian Institute of Criminology, where he focuses on high-tech crime and anti-money laundering, Choo is one of 23 Australian 2009 Fulbright Scholars. Later this year he will visit Rutgers University and the Palo Alto Research Centre to further his study of the future of cybercrime as part of a Department of Foreign Affairs and Trade-sponsored scholarship trip.
Symantec's headquarters is also on his visiting list, and he agrees with Joe Pasqua that targeted malware is now the major trend in cybercrime, with viruses and other cybernasties being tailored to attack groups as small as 20 internet users.
''Attacks are becoming more targeted, more sophisticated and more financially motivated,'' he said. ''In the early phase of hacking and virus creation the motivation was to be noticed. Now they want to lie low so that their malware is not recognised by the anti-virus companies, so they can maximise their profits.
''This is a trend that is going to continue.''
Amid media reports of attempts by Chinese spy agencies to hack into Australian Government and commercial networks at the highest level, he said cyberespionage tactics and methods were generally similar to those employed by cybercriminals.
An AIC paper in which he was lead author, Future directions in technology-enabled crime: 2007-09, cautioned that attempting to attribute the actual source of cyber-espionage ''is not a straightforward process''.
It cites a report of a cyberespionage investigation which suggested that networks of infected computers physically located in a particular jurisdiction ''could have been deployed as staging posts, perhaps in an effort to deliberately mislead observers as to the true operator(s) and purpose of the [espionage] system''.
Now 33, Dr Choo came to Australia as an international student in 2001 after five years in the Singapore police force.
With IT and business administration qualifications from the University of South Australia and a PhD in cryptography from the Queensland University of Technology, he joined the AIC in 2006.
''I have a personal interest in criminology and law enforcement,'' he said. ''When I finished my PhD I had the option of going to industry or merge my interests in law enforcement and IT to work on cybercrime.''
At Rutgers University he will study at the School of Criminal Justice headed by Professor Adam Graycar, who was director of the AIC from November 1994 to September 2003.
At Palo Alto in California he will join a group headed by principal scientist Marcus Jakobsson, whose work focuses on phishing.
In line with the trend to tailor malware, Jacobsson says phishing is being supplanted by ''spear phishing'', where select groups of high-worth individuals are targeted, or where the potential yield is increased by making the phishing emails relevant to each user by gaining knowledge about their banking and other online activity.
''Our group [Palo Alto Research Centre] is anticipating trends in online crime, and proactively developing countermeasures whether technical, legal or educational,'' he said. ''Raymond will be able to share his understanding of cybercrime trends and contribute towards a better understanding and identification of current and emerging issues in cybercrime, and simulated enhanced collaboration between the AIC and PARC through direct working relationships.''
Dr Choo expects the global financial crisis to provoke more illegal activity and security breaches, particularly by disgruntled insiders or workers under financial stress.
While security firms and law enforcement authorities continue to develop solutions to thwart and identify cybercriminal and espionage activities, efforts are limited by the need to retain functionality.
''There is always a trade-off between security and useability, and the weakest link is human, so user education is very important,'' he said.
www.aic.gov.au
www.rutg ers-newark.rutgers.edu/rscj/l
w ww.markus-jakobsson.com
Email a friend
Favourites
Del.icio.us
Facebook
Digg
StumbleUpon
MySpace
Reddit
Newsvine
LinkedIn
Kwoff
Twitter