The IC3 2011 Internet Crime Report was recently released. The IC3 is where many smaller crimes such as identity theft, email scams and other internet crimes are reported. It does not cover all reported crime and is only an indicator or the trends we see across multiple industry sectors and reporting agencies. There are some very interesting numbers for the "Average Joe" and small business owner in this report.
Total complaints received: 314,246
Complaints reporting loss: 115,903
Total Loss: $485,253,871
Median dollar loss for those reporting a loss: $636
Average dollar loss overall: $1,544
Average dollar loss for those reporting loss: $4,187
This should be a wakeup call to all individuals and small business owners out there that internet crime is real. It targets everyone. When approaching small businesses to help them ensure information security we're often told "We're too small to be a target." or "We don't have enough revenue to make it worth the time to target us." Hopefully this information will dispel that myth. The average loss was $4,000. How big does a company need to be before losing $4,000 at a time isn't worth the effort to stop it?
The FBI and other US agencies have issued a travel advisory for a cyber threat at international hotels. You can read the full advisory here. While we often think about the physical dangers US citizens face when traveling abroad, we often overlook the danger to information security. Your data is a very large target. It's important to remember that your personal property can be seized by any government for just about any reason. We have some protections as US citizens while in the US, but very few protections in other countries. I almost wound up in a Mexican jail and had my truck seized in Mexico while on a mission trip years ago for "speeding". Paying my "fine" on the spot kept us out of jail. Don't let your laptop, thumbdrives or other valuable data storage devices end up as "contraband". Take only what you need and try to leave all your critical data at home and connect to it remotely. You can't lose what you don't have.
The FBI has pushed back the date for shutting down the DNS server which served the DNSChanger malware sites. The FBI reports there are nearly 500,000 systems still infected and using the rogue DNS server.
Network administrators should check their systems at https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS to ensure they are not impacted. Once the deadline of July 9th comes, any system using the rogue servers will be unable to access the internet until the malware has been removed and correct DNS settings are restored.
By the way...All you Mac users out there? This affects you too! Anti-malware software really is a necessity on all platforms.