It is true that 2006 was the year that hacking ceased to be a hobby and became a full-time job, and this year things may get even worse.

"Cyber criminals are no longer pimply-faced teenagers showing off for their nerdy friends," says Ben Macklin, eMarketer Senior Analyst and the author of the new report, Online Security: Counting the Cost of Fear. "Today, international hackers have formed into sophisticated gangs with connections to organized crime, and their primary motive is money."

While the US remains the origin of the majority of worldwide cyber attacks, China and countries from the former Soviet Union are increasingly showing up on the radar screens of the security services that monitor online crime.

"This increased activity is undermining consumer confidence in the online sector," says Mr. Macklin. "At eMarketer, we call it ‘The Cost of Online Fear.’"

The Cost of Online Security Concerns, 2006

"Not even counting the actual losses to fraud and theft suffered by Internet users and businesses, which are not insubstantial, the loss of potential online revenue is enormous," says Mr. Macklin. "American Internet users are already adjusting their online behavior to avoid identity theft by visiting fewer sites, ceasing to bank online and purchasing less online."

Internet security issues are now less about viruses or denial-of-service attacks — although they are still important — and more about spyware, malware, phishing and social engineering, which are designed to extract personal information from individual users.

There is no denying that consumers are concerned about the theft of personal information. A report published by Zoomerang shows that 73% of US adult Internet users are concerned about identity theft.

Level of Concern about Identity Theft among US Adult Internet Users, August 2006 (% of respondents)

"While there is no doubt the Internet is not without threat to the unwary, data show that Internet fraud, e-mail viruses and identity theft rates have remained flat or have actually fallen over the last few years," says Mr. Macklin. "The majority of information security issues relate to offline practices rather than online."

Who should consumers be afraid of when it comes to the security of their personal information?

"Not online retail sites," says Mr. Macklin, "but the government."

According to Symantec, the government sector accounted for 25% of all identity-theft-related data breaches, more than any other sector. In comparison, data breaches from the retail, wholesale and e-commerce sector only accounted for 4%.

In fact, Javelin Strategy & Research estimates that there will be 8.4 million victims of identity theft in the US in 2007, a figure that is actually down from 10.1 million in 2003.
Victims of Identity Theft in the US, 2003, 2005-2007 (millions) 

Via eMarketer