IBM did a survey, and it was just published here on iTWire. Interesting perspective:

According to the IT executives surveyed, 49% of local businesses now perceive cybercrime to be a greater threat than physical crime to their business. At the same time, the perception is that perpetrators of cybercrime are becoming increasingly sophisticated; 80% of Australian CIOs (84% globally) believe that lone hackers are increasingly being replaced by organised and technically proficient criminal groups.

[…]

When it comes to relative costs, Australian CIOs think that cybercrime has a more detrimental financial impact on their business than physical crime. They are most concerned about the loss of current customers as a result of cybercrime (71%), followed by loss of revenue (68%) and loss of prospective customers (67%). Just 38% of their global peers identified loss of prospective customers as a major concern, possibly reflecting the smaller size of the Australian market and relative importance of each customer.

Years ago I had a bit of a tiff with my cell phone carrier. I was getting spam via SMS and they bluntly told me they had never heard of such a thing and had no idea how to stop it from happening. Since I was charged a fee per message, I assumed this problem would take a long time to resolve itself, and so I just lodged a formal complaint to my carrier and was forced to disable SMS and wait.

Here’s a guy who has an even bigger issue:

Bubrouski, a computer science major at Northeastern University in Boston, is the proud owner of ‘Null@vtext.com,’ an account on the popular Verizon text messaging service that allows Internet users to send e-mail and IM messages directly to his cell phone as SMS text messages.

Bubrouski said he was just being clever when he signed up for a Verizon vText account with the user name ‘null,’ after his parents bought him his first mobile phone during his freshman year at Northeastern, in 2001.

Ooops. Now he receives loads of unroutable SMS messages on his phone including information from people who forget to fill out the “to” field:

That data has become more sensitive in recent months, as companies rush to deliver everything from SAT test scores to medical information and automobile diagnostics to cell phones and PDAs.

Bubrouski’s experience, while unusual, could be a sign of growing pains in the wireless industry, as companies rush to provide wireless data services, overlooking steps that could secure the data in transit, according to one security expert.

Unbelievable, really, that the “null” account would be assigned to an end user in the first place, but even more shocking that messages can be sent without proper routing information.

The eWeek article is a fun overview on why SMS still needs a lot of security to be bolted on and perhaps even why it will require a major redesign or replacement in the near future.