Showing posts with label cybercrime. Show all posts

12/30/2012

IT security in 2030 – only humans will be the same



Twenty-three years ago one of the major hacker attacks in the history of the US was widely reported in the media. In this context, Clifford Stoll published his book The Cuckoo’s Egg, which has gone on to become a classic of IT literature. In the same year Tim Berners-Lee invented the World Wide Web, Intel launched its brand new 486 processor with 25 MHz, and the Berlin Wall fell. Back then, though, computing was the preserve of small communities of much-ridiculed geeks, so 1989 remained in the collective memory as the year the Wall came down. Everything else was immediately forgotten.
More than two decades later, computers have not only become socially acceptable but, thanks to Apple, they are even status symbols. These days anyone going to a library for information, transferring money at a bank counter, or exchanging traditional “snail mail” business letters, normally does so as a private individual: in our professional environment it is almost impossible to avoid the use of search engines, online banking and email.
What long-term impact will this development have on our lives? It is clear that any attempt to predict the IT security landscape in 2030 will have to be a forecast of security and society in general. IT is now almost everywhere, and its scope will only increase in the future.

Taking great steps towards the future

Future generations will pinpoint 2012 as the year where the hegemony of the traditional personal computer was ended – ironically by the very company that was once inseparably connected with it – Microsoft. Like Apple and Google, the Windows giant is also now opting for a multiple-device approach: cell phones, tablets and increasingly television sets with a built-in operating system are all steadily challenging the PC’s traditional dominance. Online cloud storage instead of a hard drive in the desktop computer, applications from the App Store instead of downloads from dubious websites – times are changing, just as surely as analogue cameras have been superseded by digital devices. Gradually, more sophisticated camera phones are in turn replacing these. There is no doubt that analogue films, digicams and PCs will still exist in ten years’ time, but their heyday is past. Against this background, it would hardly be surprising if smartphones lost their current cachet as the must-have techie toy within the next five years, because augmented reality glasses are now the up and coming thing.
These are special optical aids – including a built-in camera, display and computer. The special feature of augmented reality is that for the wearer reality and computer-generated images merge together. Thanks to a continuously activated camera and the face recognition function, a poor memory for names won’t be a problem any longer as the name, age and profession of the person we are talking to will be automatically displayed next to his or her face. On holiday, foreign-language menus will simply be replaced by a translated version. And if you get lost, you can use the pedestrian navigation system to virtually project your path onto the pavement in front of you. Additionally, a multimedia diary based on the continuous data flow of the camera, the microphone and GPS will automatically be created. No need to be impatient: in 2013, Google plans to deliver its Google Glasses to developers, and other manufacturers will follow. This fusion of the real and the virtual world will change so many things in the coming years that we simply cannot overestimate the importance of this development.
But when it comes to technology, there is always a dark side: if millions of people walk around with cameras permanently activated, nothing outside their own houses will remain private. Society will monitor itself and it remains to be seen if and how a balance between technology and privacy can be maintained. Automatic deactivation of cameras at particular places is an option for which Apple has already filed a patent.
Another problem: even the sharpest minds can only use the information at their disposal. Seeing is believing, as the saying goes. Just imagine an activated augmented reality feature tricking you into thinking that the restaurant you were going to visit was infested with cockroaches – you’re going to go to the establishment across the street instead, aren’t you? We’ve already seen how these “opinions” can be manipulated by paid “customers” in relation to hotel ratings on the Internet – but we still get tricked. So the advertising industry itself will be particularly interested in “optimizing” our reality to suit its agenda. It really would be dangerous if the system as a whole were hacked without the person concerned realizing that he or she is living in a dream world which has nothing to do with reality.
Of course, the future involves much more than just augmented reality. But even when putting aside fascinating future topics such as nanotechnology, genetic research or food-producing 3D printers, you certainly won’t be bored: the much-heralded Artificial Intelligence is closer than ever to becoming reality. In 1997, IBM’s Deep Blue defeated the Russian Garry Kasparov 3.5-2.5 (the chess world champion had managed to win the previous match played the year before) – but its success was based on enormous processing power rather than true intelligence. Nevertheless, in 2001, IBM launched the amazing Watson computer that managed to trump a 74 times Jeopardy winner in a quiz game. This victory was due to the language processing technology that has been perfected over the years and to algorithms capable of independently gaining new findings on the basis of existing data. In the same year, Apple presented Siri, an imperfect but nonetheless trend-setting digital assistant. As expected, Google has joined the scramble to develop the smartest computer system. In parallel, a number of other projects have been initiated – partly supported by EU funds – whose objective is to emulate a complete human brain in a computer. Whether they are creating digital assistants or artificial brains, researchers have the will and the financial backing to complete this long journey.
Ultimately, we are looking at nothing less than the complete autonomization of our environment: cleaning robots, cars, even houses. We’ve already seen the Google Car obtain a license in the state of Nevada this year, making it the first ever motor vehicle to be recognized as capable of driving itself without human input. There have also been great advances in the field of robotics research: recently, the US agency DARPA demonstrated a robot known as the Cheetah, which runs at 45 km/h, i.e. faster than any human being. When these robots can be animated by genuine artificial intelligence, those visions we’ve seen in sci-fi films could start to become reality. Whether you look forward to all this or it just makes you shudder is up to you!

Everything changes

| Discontinued model | Solution for the future |
| --- | --- |
| Television, PCs, laptops, tablets and smartphones | Augmented reality glasses and displays available everywhere – from watches to monitor walls |
| Software, movies, music bought ‘in a box’ | Cloud-based content, charge according to frequency of use |
| Video game consoles | Virtual play worlds which can be entered from any computer system |
| Manually controlled cars | Fully automated transport systems |
| Cash | Digital payment systems |
| School | Individualized teaching by intelligent systems, perfectly tailored to students’ individual skills |
| Workers | Robots |

The world in 2030

So, what will life in the future look like? Augmented reality devices will mostly replace today’s ultra-popular smartphones. Overwhelming progress in directly connecting computer chips and optical nerves will enable blind people to access augmented reality. And the most popular videos in the YouTube of the future will be self-made 3D movies – including unlimited viewing angles and freely focusable depth range. Traditional game consoles will disappear. Instead, virtual universes will be computed by huge computer systems distributed across numerous cities – partly located down in the basements of big apartment buildings to keep transmission paths as short as possible. It’s a great opportunity, if you can create play worlds which are interesting enough to persuade other players to join up and pay a subscription or joining fee.
Extremely powerful computers are required for all this. The rule of thumb is: the smaller the transistors in a processor, the better the speed. With every further step towards miniaturization, Intel and co. are approaching the limits of what is physically feasible. In the past, though, processor developers have repeatedly demonstrated their creativity, and a massive increase in the number of cores on every chip could also be an option. At present, the processing performance of computers is expected to double every 18 months, while the price remains the same. This would mean that in 18 years’ time, computers would be four thousand times faster than the machines available today. In theory, home computers could be more powerful than the IBM Watson supercomputer (for the techies: 2880 Power7 cores featuring 3.55 GHz each), at a cost comparable to an ordinary laptop today. It would be possible to create the first Toy Story film on a home desktop, in real time and at cinema resolution, and the first-ever complete computer simulation of the simplest known genome Mycoplasma Genitalium, celebrated just a few months ago as a scientific milestone, would be a standard experiment conducted in school classrooms.
The quantum computer technology we hear so much about is also expected to have matured by 2030. Considering the present state of knowledge, it won’t be possible to solve every typical computer problem using a handful of quantum bits, but the cracking of strong RSA encryption (applied for instance to provide security for emails and online-banking transactions) could have become reality twenty years from now.
It seems certain, however, that rootkits, Trojans and phishing attacks will continue to be serious problems over the coming years, with attackers concentrating more on servers than on devices. This is because more vulnerabilities appear in complex environments and it is reasonable to assume that the operating systems of tablets and smartphones will be “purged” within the next few years and that the bulk of the coding will be shifted into the cloud – and thus onto the server side.
It is, of course, not just the financial implications of the computer viruses of the future that are serious. The detection of the sabotage worm known as Stuxnet in 2010 confirmed suspicions that malware could also have a political context. The continuous militarization of cyberspace will produce legions of professional malware authors as the creation of Trojans and the carrying out of web attacks is legitimized and even supported by some states.

Singularity

As suddenly as this trend has emerged, its end may not be far off – humans working to create new security threats could be superseded by machines fighting against machines. This is where the progress of artificial intelligence could be crucial. The magic word is “singularity”, used in future studies to describe the point in time when computers will be sufficiently intelligent to develop independently without human support. It sounds incredible and there is still huge controversy among scientists about when – or indeed if – we will reach this point. I don’t want to bore you and duck the question: my guess is that it will arrive in 10-15 years.
Even today it is difficult for us to keep pace with the breathtaking speed of new developments. But when singularity is achieved, the pace will accelerate significantly yet again: it’s as if prehistoric man had discovered fire at breakfast, had been catapulted into the Middle Ages by lunch time, witnessed the industrial revolution in the afternoon and then arrived in the computer age by the evening!
Our minds, as well as our senses, developed over millions of years by the gentle hand of evolution, will be suddenly exposed in one blink of history’s eye to technologies that are generations ahead of our biological development.
Now, there’s nothing bad about technical aids, though our ancestors certainly took advantage of the illiterate once written language had been invented. In recent years, search engines and services like Wikipedia have pushed information processing forward. But one thing still applies: it is man who holds the ropes, while the computer lends its technical horsepower to the task at hand. If, though, we allow our lives to be entirely optimized through digital assistance systems, that balance of power will be reversed. Every attempt to return control to the human mind will inevitably cause efficiency losses.
After a certain point, intelligent systems could become so superior to us that we would no longer be able to grasp the mechanisms and reasons underlying the advice they gave us. We would resemble infants who trust their mothers blindly because they have no other option. The difference, though, is that a child grows and will, as an adult, finally be able to stand on his or her own feet. Humanity could be dependent on the assistance of computers for the rest of our lives.
Even if the next few years are relatively calm, we need to start thinking now about how to deal with these developments. How should researchers react to a breakthrough in artificial intelligence? When all is said and done, a highly intelligent system could be abused as a weapon. Developing nuclear devices is forbidden to the average citizen by international treaties – but building an all-powerful intelligence at home will present the creators with no legal problems at all and regulating them will probably be impossible. Let’s just hope that the lucky creator of the first genuine artificial intelligence will not immediately decide to go for world supremacy!
Another challenge is how to deal with the truth: we expect computers to be absolutely objective. If a head of state was just told that he is wrong in front of his people and asked if he would kindly resign – would he accept? Or will we force computers to adopt our “truths” against “their” better judgment? In such a world, we would not need antivirus software but psychologists as the compulsory processing of contradictory information can only lead to digital psychosis – remember the film 2001: A Space Odyssey?

Common sense

The future holds exciting opportunities, but there are also lots of risks and our own weaknesses, in particular, will play a major role. In the 1950s, scientists Peter Milner and James Olds experimented on rats with electrodes implanted in their brains’ “pleasure centers” – if these animals were offered the chance to stimulate themselves at the push of a button they continued doing that until they died of complete exhaustion. On a computer-controlled planet, neither clocking in nor job centers would exist. Everybody would be free to realize his or her own dreams and talents. Depending on our self-discipline, a world full of artists, athletes and writers might emerge – or, on the contrary, a sad little heap of lethargic couch potatoes!
When I am asked in interviews how people can best protect themselves against Internet threats, I always emphasize – apart from technical solutions – the importance of common sense. And if common sense ever fails, we can only hope at least that the computers will keep cool heads!

The biggest opportunities and dangers of our digital future

| Technology | Utopia | Dystopia |
| --- | --- | --- |
| Singularity | Living in paradise – everybody does what he likes – machines handle the rest. | The last world war could have been won by a laptop that only “acted under orders” – or which classified humanity as a whole as a risk to security. |
| Intelligent infrastructures | Traffic flows, logistics – everything is perfectly coordinated, thus preserving resources and also the environment. | In case of a malicious attack, cities could be cut off from food supplies, citizens held hostage in their houses, and the doors of prisons opened. |
| Digital life coaches | Personal all-around advice: never again forgetting appointments or wasting time with paperwork. | Complete technology dependence and thus the associated risk of leading heteronomous lives because of manipulated data. |
| Medical robots | Cheaper operations, reduced risks of medical malpractice and wrong diagnosis, no waiting times at the doctor’s surgery. | Loss of expert knowledge as medical education will be financially less attractive. Cases of death resulting from hacked systems. |
| Military robots | The advantages are obvious – for those who have the more powerful robots. | If, in the event of war, you have no fear of human losses on your own side, then the threshold for starting an aggressive war will be lower. |
| Augmented Reality | We extend our perceptive abilities and gain new insights into ourselves by continuous life logging. | Total loss of privacy and dependence on computerized prostheses in the long run. |
| Cashless payment solutions | Shopping becomes more convenient. Tax fraud becomes impossible so the tax burden is distributed fairly and equitably. | Abandoning cash entirely means, in the event of a computer breakdown, no standardized medium of exchange would be available. |
| Quantum computers | The opening of amazing perspectives, especially in the field of science, e.g. in the simulation of chemical elements. | Quantum computing could pose a serious threat to some encryption technologies such as RSA. |

The German version of this article was originally published on the 10th of December 2012 in the book “Vision 2030” (GABAL publishing house)

Source: Securelist

6/12/2012

Flame: Replication via Windows Update MITM proxy server - Securelist

Flame: Replication via Windows Update MITM proxy server - Securelist: The Flame malware uses several methods to replicate itself. The most interesting one is the use of the Microsoft Windows Update service. This is implemented in Flame’s “SNACK”, “MUNCH” and “GADGET” modules. Being parts of Flame, these modules are easily reconfigurable. The behavior of these modules is controlled by Flame’s global registry, the database that contains thousands of configuration options.

Back to Stuxnet: the missing link - Securelist

Back to Stuxnet: the missing link - Securelist: Two weeks ago, when we announced the discovery of the Flame malware we said that we saw no strong similarity between its code and programming style with that of the Tilded platform (http://www.securelist.com/en/analysis/204792208/Stuxnet_Duqu_The_Evolution_of_Drivers) which Stuxnet and Duqu are based on. Flame and Tilded are completely different projects based on different architectures and each with their own distinct characteristics. For instance, Flame never uses system drivers, while Stuxnet and Duqu’s main method of loading modules for execution is via a kernel driver. But it turns out we were wrong. Wrong, in that we believed Flame and Stuxnet were two unrelated projects. Our research unearthed some previously unknown facts that completely transform the current view of how Stuxnet was created and its link with Flame.

6/06/2012

‘Gadget’ in the middle: Flame malware spreading vector identified - Securelist

‘Gadget’ in the middle: Flame malware spreading vector identified - Securelist: In our FAQ on Flame (https://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers) posted on May 28, 2012, we postulated there might be a still undiscovered zero-day vulnerability in Flame: “At the moment, we haven’t seen use of any 0-days; however, the worm is known to have infected fully-patched Windows 7 systems through the network, which might indicate the presence of a high risk 0-day.” Our suspicion was heightened because fully patched Windows 7 machines were being infected over the network in a very suspicious manner.

The Roof Is on Fire: Tackling Flame’s C&C Servers - Securelist

The Roof Is on Fire: Tackling Flame’s C&C Servers - Securelist: On Sunday, May 27 2012, the Iranian MAHER CERT posted a note announcing the discovery of a new targeted attack dubbed “Flamer”. On Monday 28 May 2012 at 9am EST, after an investigation prompted and supported by the International Telecommunication Union, Kaspersky Lab and CrySyS Lab from Hungary announced (https://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers) the discovery of Flame (aka Skywiper), a sophisticated cyber-espionage toolkit (https://www.securelist.com/en/blog/208193538/Flame_Bunny_Frog_Munch_and_BeetleJuice) primarily targeting Windows computers in the Middle East.

6/03/2012

On Stuxnet, Duqu and Flame

Posted by Mikko @ 11:58 GMT


A couple of days ago, I received an e-mail from Iran. It was sent by an analyst from the Iranian Computer Emergency Response Team, and it was informing me about a piece of malware their team had found infecting a variety of Iranian computers. This turned out to be Flame: the malware that has now been front-page news worldwide.

When we went digging through our archive for related samples of malware, we were surprised to find that we already had samples of Flame, dating back to 2010 and 2011, that we were unaware we possessed. They had come through automated reporting mechanisms, but had never been flagged by the system as something we should examine closely. Researchers at other antivirus firms have found evidence that they received samples of the malware even earlier than this, indicating that the malware was older than 2010.

What this means is that all of us had missed detecting this malware for two years, or more. That’s a failure for our company, and for the antivirus industry in general.

It wasn’t the first time this has happened, either. Stuxnet went undetected for more than a year after it was unleashed in the wild, and was only discovered after an antivirus firm in Belarus was called in to look at machines in Iran that were having problems. When researchers dug back through their archives for anything similar to Stuxnet, they found that a zero-day exploit that was used in Stuxnet had been used before with another piece of malware, but had never been noticed at the time. A related malware called DuQu also went undetected by antivirus firms for over a year.

Stuxnet, Duqu and Flame are not normal, everyday malware, of course. All three of them were most likely developed by a Western intelligence agency as part of covert operations that weren’t meant to be discovered. The fact that the malware evaded detection proves how well the attackers did their job. In the case of Stuxnet and DuQu, they used digitally signed components to make their malware appear to be trustworthy applications. And instead of trying to protect their code with custom packers and obfuscation engines — which might have drawn suspicion to them — they hid in plain sight. In the case of Flame, the attackers used SQLite, SSH, SSL and LUA libraries that made the code look more like a business database system than a piece of malware.

Someone might argue that it’s good we failed to find these pieces of code. Most of the infections occurred in politically turbulent areas of the world, in countries like Iran, Syria and Sudan. It’s not known exactly what Flame was used for, but it’s possible that if we had detected and blocked it earlier, we might have indirectly helped oppressive regimes in these countries thwart the efforts of foreign intelligence agencies to monitor them.

But that’s not the point. We want to detect malware, regardless of its source or purpose. Politics don’t even enter the discussion, nor should they. Any malware, even targeted, can get out of hand and cause “collateral damage” to machines that aren’t the intended victim. Stuxnet, for example, spread around the world via its USB worm functionality and infected more than 100,000 computers while seeking out its real target, computers operating the Natanz uranium enrichment facility in Iran. In short, it’s our job as an industry to protect computers against malware. That’s it.

The truth is, consumer-grade antivirus products can’t protect well against targeted malware created by well-resourced nation-states with bulging budgets. They can protect you against run-of-the-mill malware: banking trojans, keystroke loggers and e-mail worms. But targeted attacks like these go to great lengths to avoid antivirus products on purpose. And the zero-day exploits used in these attacks are unknown to antivirus companies by definition. As far as we can tell, before releasing their malicious codes to attack victims, the attackers tested them against all of the relevant antivirus products on the market to make sure that the malware wouldn’t be detected. They have unlimited time to perfect their attacks. It’s not a fair war between the attackers and the defenders when the attackers have access to our weapons.

Antivirus systems need to strike a balance between detecting all possible attacks without causing any false alarms. And while we try to improve on this all the time, there will never be a solution that is 100 percent perfect. The best available protection against serious targeted attacks requires a layered defense, with network intrusion detection systems, whitelisting of trusted apps and active monitoring of inbound and outbound traffic of an organization’s network.

This story does not end with Flame. It’s highly likely there are other similar attacks already underway that we haven’t detected yet. Put simply, attacks like these work.

Flame was a failure for the antivirus industry. We really should have been able to do better. But we didn’t. We were out of our league, in our own game.

Mikko Hypponen
This column was originally published in Wired.com 



Source: F-Secure

Flame: Bunny, Frog, Munch and BeetleJuice… - Securelist

Flame: Bunny, Frog, Munch and BeetleJuice… - Securelist: As already mentioned in the previous blog post about Flame, the volume of its code and functionality are so great that it will take several months for a complete analysis. We’re planning on continually disclosing in our publications the most important and interesting details of its functionality as we reveal them. At the moment we are receiving many inquiries about how to check systems for a Flame infection. Of course the simplest answer, for us, is to advise to use Kaspersky Lab Antivirus or Internet Security. We successfully detect and delete all possible modifications of the main module and extra components of Flame. However, for those who want to carry out a detailed check themselves, at the end of this article we will give the necessary recommendations and advice.

The Flame: Questions and Answers - Securelist

The Flame: Questions and Answers - Securelist: Flame is a sophisticated attack toolkit, which is a lot more complex than Duqu. It is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so by its master.

9/08/2011

Norton Study Calculates Cost of Global Cybercrime: $114 Billion Annually

One of World’s Largest Cybercrime Studies Reveals More Than One Million Victims a Day


MOUNTAIN VIEW, Calif. – Sept. 7, 2011 – Symantec Corp. (Nasdaq: SYMC) – For the first time a Norton study calculates the cost of global cybercrime: $114 billion annually [1]. Based on the value victims surveyed placed on time lost due to their cybercrime experiences, an additional $274 billion was lost [2]. With 431 million adult victims globally in the past year and at an annual price of $388 billion globally based on financial losses and time lost, cybercrime costs the world significantly more than the global black market in marijuana, cocaine and heroin combined ($288 billion) [3].

According to the Norton Cybercrime Report 2011 more than two thirds of online adults (69 percent) have been a victim of cybercrime in their lifetime. Every second 14 adults become a victim of cybercrime, resulting in more than one million cybercrime victims every day [4]. For the first time, the Norton Cybercrime Report reveals that 10 percent of adults online have experienced cybercrime on their mobile phone. In fact, the Symantec Internet Security Threat Report, Volume 16 reported there were 42 percent more mobile vulnerabilities in 2010 compared to 2009 – a sign that cybercriminals are starting to focus their efforts on the mobile space. The number of reported new mobile operating system vulnerabilities increased, from 115 in 2009 to 163 in 2010. In addition to threats on mobile devices, increased social networking and a lack of protection are likely to be some of the main culprits behind the growing number of cybercrime victims.

Male, Millennial, Mobile
The study identifies men between 18 and 31 years old who access the Internet from their mobile phone as even more likely victims: in this group four in five (80 percent) have fallen prey to cybercrime in their lifetime. Globally, the most common – and most preventable – type of cybercrime is computer viruses and malware with 54 percent of respondents saying they have experienced it in their lifetime. Viruses are followed by online scams (11 percent) and phishing messages (10 percent). Earlier this year the Symantec Internet Security Threat Report, Volume 16, found more than 286 million unique variations of malicious software (“malware”) compared to the 240 million reported in 2009, representing a 19 percent increase [5].

“There is a serious disconnect in how people view the threat of cybercrime,” said Adam Palmer, Norton Lead Cybersecurity Advisor. “Cybercrime is much more prevalent than people realize. Over the past 12 months, three times as many adults surveyed have suffered from online crime versus offline crime, yet less than a third of respondents think they are more likely to become a victim of cybercrime than physical world crime in the next year. And while 89 percent of respondents agree that more needs to be done to bring cybercriminals to justice, fighting cybercrime is a shared responsibility. It requires us all to be more alert and to invest in our online smarts and safety.”

The disconnect between awareness and action is further illustrated by the fact that while 74 percent of respondents say they are always aware of cybercrime, many are not taking the necessary precautions. Forty-one percent of adults indicated they don’t have an up to date security software suite to protect their personal information online. In addition, less than half review credit card statements regularly for fraud (47 percent), and 61 percent don’t use complex passwords or change them regularly. Among those who access the Internet via their mobile phone, only 16 percent install the most up to date mobile security.

For more findings from the Norton Cybercrime Report globally and by country, please visit: http://norton.com/cybercrimereport.

About Norton from Symantec
Symantec’s Norton products protect consumers from cybercrime with technologies like antivirus, anti-spyware and phishing protection, while also being light on system resources. The company also provides services such as online backup and PC tuneup, and family online safety. Fan Norton on Facebook at www.facebook.com/norton and follow @NortonOnline on Twitter.

About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

Norton Cybercrime Report Methodology
Between February 6, 2011 and March 14, 2011, StrategyOne conducted interviews with 19,636 people and included 12,704 adults aged 18 and over, 4,553 children aged 8-17 years and 2,379 grade 1-11 teachers from 24 countries (Australia, Brazil, Canada, China, France, Germany, India, Italy, Japan, New Zealand, Spain, Sweden, United Kingdom, United States, Belgium, Denmark, Holland, Hong Kong, Mexico, South Africa, Singapore, Poland, Switzerland, United Arab Emirates).

The margin of error for the total sample of adults (n=12,704) is ±0.87% at the 95% level of confidence. The global data has been weighted to ensure all countries have equal representation: adults to n=500.

1 Findings are extrapolations based upon results from a survey conducted in 24 countries among adults 18-64. The financial cost of cybercrime in the last year ($114bn) is calculated as follows: Victims over past 12 months (per country) x average financial cost of cybercrime (per country in US currency).
2 The value of time lost due to cybercrime experiences in the last year ($274 billion) is calculated as follows: Victims over past 12 months (per country) x average time cost of cybercrime (per country in US currency). Figure shown is the sum of all countries’ total cost.
3 431 million victims in 24 countries over past 12 months is calculated as follows: Latest research from NCR shows 69% of adults in 24 countries have been a victim of cybercrime ever and of these 65% have been a victim in the past 12 months. Online population per country (24 country total = 802,872,752 according to CIA World Factbook) x % cybercrime ever per country x % cybercrime past 12 months per country = 431,504,885 (sum of 24 countries). Total cost of cybercrime is calculated as follows: Total financial cost $114 billion plus value attributed to lost time trying to resolve cybercrime $274 billion = $388 billion. Total value of the world’s marijuana, cocaine and heroin market ($288 billion) is calculated as follows:
4 14 cybercrime victims per second and one million cybercrime victims per day calculated as follows: victims over past 12 months (as above) 431,504,885 / 365 days per year / 24 hours / 60 minutes / 60 seconds. Source: Symantec Internet Security Threat Report published April 2011 https://www4.symantec.com/mktginfo/downloads/21182883_GA_REPORT_ISTR_Main-Report_04-11_HI-RES.pdf
5 Source: Symantec Internet Security Threat Report published April 2011 https://www4.symantec.com/mktginfo/downloads/21182883_GA_REPORT_ISTR_Main-Report_04-11_HI-RES.pdf