Norton Cybercrime Report

Norton Cybercrime Report

The next time you surf the Internet, consider this: You might be just one click away from becoming the next cybercrime victim. A new study released today from security software maker Norton reveals the staggering prevalence of cybercrime: Two-thirds (65 percent) of Internet users globally, and almost three-quarters (73 percent) of U.S. Web surfers have fallen victim to cybercrimes, including computer viruses, online credit card fraud and identity theft. As the most victimised nations, America ranks third, after China (83 percent) and Brazil and India (tie 76 percent).

The Norton Cybercrime Report: The Human Impact shines a light on the personal toll cybercrime takes. The first study to examine the emotional impact of cybercrime, it shows that victims' strongest reactions are feeling angry (58 percent), annoyed (51 percent) and cheated (40 percent), and in many cases, they blame themselves for being attacked. Only 3 percent don't think it will happen to them, and nearly 80 percent do not expect cybercriminals to be brought to justice- resulting in an ironic reluctance to take action and a sense of helplessness.

"We accept cybercrime because of a 'learned helplessness'," said Joseph LaBrie, PhD, associate professor of psychology at Loyola Marymount University. "It's like getting ripped off at a garage - if you don't know enough about cars, you don't argue with the mechanic. People just accept a situation, even if it feels bad."

Despite the emotional burden, the universal threat, and incidents of cybercrime, people still aren't changing their behaviours - with only half (51 percent) of adults saying they would change their behaviour if they became a victim. Even scarier, fewer than half (44 percent) reported the crime to the police.

Cybercrime victim Todd Vinson of Chicago explained, "I was emotionally and financially unprepared because I never thought I would be a victim of such a crime. I felt violated, as if someone had actually come inside my home to gather this information, and as if my entire family was exposed to this criminal act. Now I can't help but wonder if other information has been illegally acquired and just sitting in the wrong people's hands, waiting for an opportunity to be used."

Solving cybercrime can be highly frustrating: According to the report, it takes an average of 28 days to resolve a cybercrime, and the average cost to resolve that crime is $334. Twenty-eight percent of respondents said the biggest hassle they faced when dealing with cybercrime was the time it took to solve.

But despite the hassle, reporting a cybercrime is critical. "We all pay for cybercrime, either directly or through pass-along costs from our financial institutions," said Adam Palmer, Norton lead cyber security advisor. "Cybercriminals purposely steal small amounts to remain undetected, but all of these add up. If you fail to report a loss, you may actually be helping the criminal stay under the radar."

The "human impact" aspect of the report delves further into the little crimes or white lies consumers perpetrate against friends, family, loved ones and businesses. Nearly half of respondents think it's legal to download a single music track, album or movie without paying. Twenty-four percent believe it's legal or perfectly okay to secretly view someone else's e-mails or browser history. Some of these behaviours, such as downloading files, open people up to additional security threats.

But there are simple steps people can take to protect themselves, according to the report. "People resist protecting themselves and their computers because they think it's too complicated," said Anne Collier, co-director of ConnectSafely.org and editor of NetFamilyNews.org, who collaborated with Norton on the study. "But everyone can take simple steps, such as having up-to-date, comprehensive security software in place. In the case of online crime, an ounce of prevention is worth a ton of cure."

The best defence against cybercrime, and the best way to protect yourself, is to surf the Internet with up-to-date, comprehensive security software such as Norton Internet Security 2011, which was launched today.

For more tips, and insights from this groundbreaking study, or to better understand the alarming extent of cybercrime, the feelings of powerlessness and lack of justice felt by its victims, please view the full Norton Cybercrime Report: The Human Impact: www.symantec.com/norton

Interview with Alastair MacGibbon

Alastair MacGibbon is a cybercrime expert.

Question Can you explain what cybercrime consists of?

Alastair MacGibbon: With Cybercrime essentially you will find there is an analogue for everything you see criminally offline, in the online space. You have people that commit fraud online and malicious code which is essentially software that acts in a way that you really don't want it to and that is one of the biggest issues you find online because you are dealing with technology. Cybercrime is also sexual predators, scammers who aren't exactly committing 'fraud' but you're not getting what you're really after through to a whole range of other things that occur, online.

In my experience, as a police officer, operating online and as a person who has dealt a lot with consumers, online, I really see the whole gamut of things that can go wrong offline can go wrong online, as well.


Question A form of cybercrime is downloading movies and music, online. How can we prevent friends and family downloading music or movies?

Alastair MacGibbon: I think the most important thing is don't participate in it, yourself. The simple fact is that people have paid to produce those things. Performers make their income out of performing, re-selling and marketing themselves via music or movies. The simple fact is that nothing in life is free at the very least you are actually harming someone else. One of the great things about online is that it has dropped prices for many things. We can get good quality movies and audio very cheap, these days.

You have to remember that when you download music or even movies you could potentially be harming yourself because we do see criminals putting malicious code on the products, for that very reason and you will be downloading what is known as malware.


Question What do Australians need to do to ensure they're not the next cybercrime victim?

Alastair MacGibbon: Very importantly, these days is that everyone needs to make sure they have an anti-virus firewall operating on their computer. The Australian Communications and Media Authority believe that approximately 50% of the Australian populations don't have that protection; if you don't have it, you are asking for yourself to be a victim.

Let's presume you have an anti-virus and a firewall you need to make sure that you patch your operating system and patch the applications that run on your computer. For example if you are using Microsoft products you want to patch the Windows Operating System. You need to patch Word and Excel and you can set your computer to do this automatically. These days when you load those systems onto your computer, it will ask 'Do you want to automatically go out to the web and check for updates?' the reason why you want to say 'yes' is criminals will always be finding new ways to exploit any computer program, no matter who programmed it. The developers will release these patches that help block the vulnerabilities as they are discovered. You want to make sure you are updating your operating system.

You want to make sure you have a hard to guess password that is different for each of your online accounts and you want to change that reasonably regularly. That way, if your password is stolen; a) they only get access to one of your accounts, not all of them b) if you change your password and it is stolen once, through one of the malicious programs, then what they have got is an old password that is no longer useful.
You need to make sure you have a different password for your bank account, your eBay account and your PayPal account.

These are my top tips and I could go on, for ages talking about how you pay online and how you click on links, which is also very important. The reality is if you patch your system, you have an antivirus and firewall all operating it reduces the likelihood of all those other things going wrong.

You have to have a creditable anti-virus as I said, in life you get what you pay for. The reality is that we even see criminals marketing anti-virus programs as a way to infect your computer. Go for the repeatable brands.


Question Why do you think many people becoming angry after becoming a victim of cybercrime?

Alastair MacGibbon: I think a lot of people feel silly if they're a victim of cybercrime; which they shouldn't. I have dealt with victims, online and offline, for over 20 years and the reality is that no victim deserves to be a victim and that is the same whether it is online or offline and that should be our first view of all of this.

There are things that we can do to reduce the likelihood of that victimisation which is the very things I've mentioned above.

I meet people everyday who say "I'm smarter than those people, I have never been victimised and I have never had a computer compromised" and I say "These days, online, if you don't have those protections, the simple reality is you will become a victim at some point, if you know you are going to become a victim then there are simple things that you can do to reduce the likelihood of it happening, it is prudent that you do that."


Question Are there any punishment measures for cybercriminals?

Alastair MacGibbon: Theoretically the criminal law is quite tough, in this regard; many of the offences are the same if you commit them online or offline. There are some pretty tough penalties for specific cybercrimes.

The reality is that criminals online are less likely to be caught and they will probably receive lighter sentences, most of the time and that is an element of the judiciary in this country and other countries, that needs to come to term with the facts. We constantly call this stuff 'cyber' or 'virtual' crime, I don't believe it is virtual crime, speak to a victim of online crime and they say "there was nothing virtual about it".

Many of the sentences and law enforcement agencies still view it as it is 'virtual' and believe that no one really got hurt and that is plain wrong. It is an education process and it is a generation process and it won't be the same in ten years. The reality is I remember the first time that I used the Internet; kids today don't because it was a part of life. The internet is an interval part of their life and it will be for their entire life.