Embed Size (px)
DESCRIPTION
Citation preview
24 May 2010
Implications of Ubiquitous Broadband for
Cyber Crime Eric Olson, Vice President
Cyveillance, Inc.
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Overview
• Definitions: Relevant areas of Cyber Crime
• General impact of ubiquitous broadband (UBB)
• Implications: How UBB changes the criminal opportunity
• From Implication to Prediction: What’s likely to happen
• Case Study: A Red Team Exercise
• Recommendations
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Relevant Areas of Cyber Crime
• Phishing and Identity Theft
• Data theft and industrial, international espionage
• Infection/compromise of servers and PCs, for:
– Spamming
– Criminal Hosting: Malware, fast flux, illegal content, Phishing, etc.
– DDOS attacks and Cyber Extortion
• Libel, defamation, character assassination, disinformation
Nearly every common aspect of online evildoing is accelerated
by widespread, high speed access.
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
What happens in a UBB environment?
• Downloads are faster
• Mass hardware upgrades will likely follow
• Upload speeds are faster
• It’s always on
• Prices fall, open/public access grows rapidly
• Home and SMB use of WiFi explodes
The facts are obvious, but we’ll consider why each matters.
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Implications of those differences
For cyber criminals, these changes have powerful implications.
• Hot to Bot – Instant appeal for the Bot-herder
• Why fast upload and download speeds = more data theft
• “Cyber Street Crime” – A lot of cyber crime is actually
local to the victim
• Totally New Problems: Some crimes essentially don’t
exist without broadband
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
From Implication to Prediction
Hot to Bot – Let’s remember, botted machines are a means to
an end. What makes a PC useful to the zombie army?
• IF Botnets are used for spamming, DDOS, hosting, etc.
• THEN slow machines and pipes are of little use to bot.
• SINCE Faster pipes mean fun new capabilities,
• AND mass hardware upgrades inevitably follow
• RESULT is that environments that held little appeal for
infection will be targeted (i.e. ideal drone machines)
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
From Implication to Prediction
What does high-speed download mean? P2P use explodes,
and with it, both inadvertent and malware-driven data loss.
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
From Implication to Prediction
Source: http://www.theregister.co.uk/2010/01/25/oil_companies_attacked/
What does high-speed upload mean? Data exfiltration
happens must faster, machine performance suffers less.
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
From Implication to Prediction
With public (and badly secured) private WiFi everywhere, UBB
is an accelerant for Cyber street crime.
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
From Implication to Prediction
New Problems – some things basically don’t happen without
broadband. With UBB, expect them to grow exponentially.
Three simple examples just for illustration:
• Virtual World Crime
• Information/Disinformation Campaigns
• High-End Social Engineering
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Virtual Worlds, Real Crimes
From theft of in-game property to MMORPG sweatshops and gold-farming slavery, virtual worlds bring a host of new appalling activities for which laws may not even have a name, let alone a framework to prosecute.
Source: 1up.com - http://www.1up.com/do/feature?cId=3141815
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Free Speech or Untraceable Slander?
Anti-corporate or political activism once took resources, lobbying, publicity, money.
Today, any teenager with a Mac can make professional grade videos in minutes and garner an audience of thousands.
Source: youtbue.com
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
High-End Social Engineering
Long gone are the days when a stolen bank login or eBay
account constitute a sophisticated attacks.
Today’s truly high-end attacks share key aspects:
• The stakes are huge but illiquid
• The stolen data are extremely high value, but only to a
small group of people
• Very specific victims are researched by online footprint
and social networks. Both the social networks and the
targeting done on them are enabled by UBB
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Case Study – Red Team Exercise
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Case Study – Red Team Exercise
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Case Study – Red Team Exercise
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
We’re not making this stuff up…
Implications of Ubiquitous Broadband for Cyber Crime
Eric Olson – Cyveillance 24 May 2010
Recommendations
Understanding the implications of UBB can help individuals,
agencies and companies prepare for the challenges ahead.
Get proactive on every level
1. Awareness and Training – Entities, teach your staff
about risks to data, privacy, systems and customers
2. Policy – Prepare guidance for networked employees
3. Monitor – Understand “Internet Footprint” and monitor
yours to minimize risk
4. Governance – Legislators, security and elected
officials, plan for the challenges coming in a UBB world
