I was just reading RSA's latest online fraud report yesterday. One very [very] interesting thing in this fraud report and similar ones is that the amount of information in them which cyber-criminals can use for their business development is crazy. Information is the most powerful tool for these criminals. Any tiny bit of information especially the ones you find in these types of reports, help them significantly to plan their future attacks in a way more efficient way. Getting feedback on the success of attacks on different geographical locations, effectiveness of different techniques on different targets, also finding information on strengths and weaknesses of competitors, are what a business development department in a cyber-crime organization would enjoy [a lot]. Sometimes, I wonder how long it takes till we see the first cyber-crime stock market online. Maybe that day we realize how vulnerable our information infrastructure is.