You may have read the reports: We have captured Albert Gonzalez, one of the "world's biggest malicious hackers." Big deal.
I've been fighting cybercrime for more than 20 years, so you'll have to excuse me if I'm a little jaded for thinking that this "huge" hacker is but another small-time player in the big-time world of cybercrime. In fact, I'm pretty sure that we still haven't captured a single major player -- the Pablo Escobars.
[ The Department of Homeland Security reports that the IT sector is resilient against serious cyberattacks. | Learn how to secure your systems with InfoWorld's free Security Central newsletter. ]
We know there are large, corporate crimeware gangs that steal tens (if not hundreds) of millions of dollars from unsuspecting Internet victims each year. They have corporate headquarters that would fit the mold of the Fortune 1000. They have extensive payrolls, pay millions in taxes, and enjoy business growth that would be the envy of Wall Street. Yet we haven't prosecuted a single person from any of these big online cybercrime syndicates, and I have no reason to believe that will change over the next few years. We are getting better at prosecuting cybercriminals in countries such as the United States, but these large organizations are based in other countries, protected by those nations' political leaders.
Professional organized cybercrime started with the "king of spam" corporate giants in the late 1990s. These organizations often made millions under the guise of legitimate Internet marketing while sending billions of illegal e-mails. Many of the owners became and remained rich. They bought large houses and outrageous cars, got new beautiful wives, and sent their kids to expensive private schools. Heck, spammers aren't even considered in the top 200 spammers unless they are sending out hundreds of millions of illegal e-mails per day.