Cybercrime - Is Your Firm on the Hit List ?

Cybercrooks are moving into industrial espionage in a big way, hunting for intellectual property and other sensitive information. Once they have the material in hand, they can either use it to gain a competitive advantage for their own company -- or auction it off to the highest bidder. The top target sectors for this new breed of hackers include financial services, information technology (hardware, software and IT services), aerospace and pharmaceuticals. Any company with an Internet presence, however, is also considered fair game.

The sophistication of such operations makes the perpetrators hard to catch and harder still to prosecute. "The law is local, but they can do the crime from anywhere," says Yuval Ben-Itzhak, chief technology officer of Internet security firm Finjan Inc. Increasingly, such operations function as international organized crime networks that manage communications among members through instant messaging and programs such as Skype.

Gangs in one country often employ servers in another to stage an attack on a company in a third. Complicating matters even more, they frequently shift the countries from which they mount their attacks to avoid detection.

Some outfits specialize in creating and customizing malware -- the catchall term for spyware, Trojan horses and other classes of malicious code used in such operations -- which they then sell to other industrial spies who may have little or no software coding experience of their own. A starter kit sells for as little as $200 -- chicken scratch compared to the profits the buyers can reap from its use.