There is no excuse to take the security of your information lightly. That's the message coming out of InfoSecurity Europe 2007 today. The advent of Vista. The proliferation of spyware. The never ending assault of spam. Data security has never been through more interesting times. Stronger software may now be very much on the agenda, but cyber criminals are getting more cunning.
Of course, this has been the main thrust of consumer-orientated data security propaganda for some time. But it seems the industry is telling itself now. 'Information security - it's not a game' is the slogan.
The London Olympia expo feels a lot bigger than previously. And, while the floor is populated with big-names such as Microsoft (opens in new tab) and VeriSign , there's also a plethora of tiny vendors covering everything from mobile payments to fingerprint readers. But the speeches and keynotes we've so far seen have one message: things are getting tougher.
"Now the stakes have changed," says Samantha Jeffers, the event manager. "It's no longer about fame [for hackers], it's about gain. Cybercrime is big business and the hackers are now playing for serious money.
"The criminals are colluding on an international level and the damage that these sophisticated networks can inflict will impact on share prices as well as consumer confidence."
In it for the money
There is some sense in the show's 'it's not a game' slogan. Actually, it should read 'it's no longer a game'. For a long time hackers and security experts have pitted wits in a game of cyber chess, where the hackers have been in it for the game. Now, as Jeffers says, they're in it for the money.
"If only they [hackers] could redirect [some talent] for the good of mankind," rued Andrew Mahoney, from security vendor RSA . He gave a seminar on the 'inside world' of the technology fraudster. "These guys are very good. That's where the challenge is. They can move quicker than you can internally," he told the audience.
"We're definitely going to see a rise in blended threats over the next year...but phising won't go away. We will see a rise in attacks on those who wouldn't normally get phished, [via] an email from a charity you support, for example.
"These guys are really quick. You put in a new rule and they'll be talking about it within hours. The system needs to react and we're talking about hours, not weeks or months."
Mahoney also had strong words to say to those who think that they can restrict their security work purely to the online space. He says there's now a rise in abuse over multiple channels. Scammers may, say, change an address on an internet banking account, then try and transfer money using some of the same details using phone banking.