Editor's note: This is part of a series of stories about the recession's effect on the tech industry.
Last month, McAfee cybercrime strategist Pamela Warren sat down with a senior executive at a Sydney bank to discuss the risks to the corporate network from workers using social networking.
After going over the trade-offs associated with allowing insiders to use social networks at work, his team confirmed that they would use data leak prevention technology to monitor the network traffic--balancing the desire to benefit from such new technologies while ensuring company secrets remain protected.
Warren had a similar meeting with a U.S. government agency last week to discuss strategies for dealing with public employees using Web apps at work and mobile devices, which can introduce viruses and other security problems into a corporate network. And she's been preparing for the launch early next year of McAfee's Cybercrime Response Unit, a site where consumers can go when they think they've been victimized by online scams.
She's sharpening her focus on protecting Internet users because malware attacks are up now that economic times are tough. Online scammers have been going into overdrive with phishing and other online schemes aimed at people confused about the banking consolidation or who are desperate because of a layoff or foreclosure. In fact, there are direct correlations between targeted cyberattacks on consumers and the stock market decline over the past few months.
"It's a ripe economy to take advantage of people," she said.
Consumers are being scammed in a variety of ways. People are receiving phishing e-mails asking them to provide their bank account information so as to avoid having their bank account closed in a merger. They provide their bank information and their account balance is plundered.
People also are getting e-mails and seeing ads on the Web for work-from-home "jobs" where all they have to do to become an "international sales rep" is open a bank account to receive money in and then wire the money to some international third party. In reality, the transaction is nothing more than a money-laundering move, known as a "cyber mule operation," to transfer money to another country and hide the trail in an illegal deal. Typically, the transaction is a payment for some kind of illegal activity such as the exchange of lists of credit card information or personal data that can be used for identity fraud. (McAfee published a report about the rise in cybercrime earlier this week.)
People who get involved in the schemes don't always realize that they can be arrested for using their bank accounts in this manner, although most arrests so far seem to have been made outside the U.S. Money mules are much more likely to get caught than the operators of the scheme.
"If this happened five years ago, it would have been different. But today we share so much information online. We are much more comfortable with sharing personal information. We are more susceptible," Warren said. "Then you add the concept of a down economy where people need money. It's like a perfect storm brewing up."
Malware that aims to steal personal data has risen from 130,000 pieces last year to 1.3 million this year, while suspicious money mule solicitations rose 33 percent in the first half of 2008 over all of last year, according to McAfee.
"Our prediction is it is going to get worse," Warren said, echoing what experts are saying about the economy in general.
Warren's strong sense of right and wrong and her desire to protect the innocent are in her blood; her father and her younger brother are police officers.
"I was never the kind of person, like my dad or brother, that wants to walk around with a gun every day and go after that kind of criminal, so I chose the intelligence business path," she said. "The core of the entire Warren family is about helping other people. We are just driven by that."
The 43-year-old grew up in Williamsburg, Va., and studied international affairs at Florida State University before getting a master's in telecommunications from George Washington University. She's also a certified information system security professional and certified information privacy professional.
She worked in the U.S. intelligence community for about 10 years, primarily with the National Security Agency looking at threats against the U.S. "I had to understand the security of networks to help track down governments or individuals who were trying to harm the U.S." she said, declining to elaborate due to the sensitivity of the work. Before joining McAfee in January, Warren worked on security programs and consulting at Nortel Networks and security of chipsets at Intel.
Now, Warren, who spends her free time running with her dog, a Shiba Inu named Joey, in the mornings and volunteering at a marine mammal rehabilitation center in Sausalito, Calif., is helping "track the bad guys" on behalf of consumers and private companies.
The recent rise in threats aimed at financially downtrodden consumers offends her moral sensibilities. "You see the growth in identity theft and online fraud and you see what's happening to us worldwide in terms of the economic situation and it makes everything we do here more urgent," she said. "I think it's important to help people day to day around the world protect their privacy and protect themselves from loss.
Warren is adamant that people should not let the security risks associated with Internet applications keep them from taking advantage of what the technology has to offer. For instance, she relies on the Internet to keep connected with her nephew fighting in Iraq and would suffer if she were at a job where access to certain Web applications was restricted.
"Getting to see my nephew when he's in the middle of Iraq fighting in a war zone and I get snippets of his life on Facebook...it all helps motivate me on a daily basis," she said.
Next in the series: A contractor's roller-coaster ride in Redmond.