Upload
hillary-l
View
683
Download
1
Embed Size (px)
DESCRIPTION
A security-oriented overview of organized crime on the internet and their use of botnets, malware and spyware.Includes partial transcript.
Citation preview
EVIL GENIUSESHow organized cybercriminals could take over the world
Hillary Lipko, 1st-year MSPPCS 6725 – Information Security Policies and Practices
22 October 2009
Questions to answer
Who? What? When? Where? Why? How?
Now!
What’s going on? Who are these guys?
The profile of the “typical” cybercriminal has changed.
The motivation behind criminal activity on the internet has changed.
Malicious hackers are getting organized and “The Mob” wants in.
Who are the stakeholders?
Everyone.
The “bad guys”Malicious programmers/hackersOrganized crimeRogue governments
The “good guys”Typical usersSecurity professionals/law enforcement“Us”
Who are the “organized criminals?”
Who are the responders?
Who are the responders?
Who are the responders?
A side note about hackers…
Hackers Criminals
Entrepreneurs Scam artistsSoftware developers
Computer criminals
Organized cybercrime
Questions to answer
Who? What? When? Where? Why? How?
Now!Everyo
ne
What are the threats?
Identity theft Fraud Trafficking Extortion Cyberterrorism
Compromised infrastructuresWarfare
So about those bots…
Software applications that run automated tasks over the internet
Not all bots are badSpidersIRC botsChatterbotsGame bots
(a.k.a “internet bots” or “web robots”)
What are the means?
BotnetsDDoS, access number replacementSpywareSpam, adwareClick fraud, fast flux
Discussion communitiesCommunicationMarketplace
Questions to answer
Who? What? When? Where? Why? How?
Now!
Everyo
neRobot
takeover
Why computer crime?
It’s quick; it’s easy. Low risk Better ROI Not location-reliant
Why is this a problem?
It’s quick; it’s easy. Can be hard to trace Expensive to prevent inexpensive attacks Borderless by nature
Questions to answer
Who? What? When? Where? Why? How?
Now!
Everyo
neRobot
takeover
Cheap
+effective
So where are the bad guys hiding?
Everywhere.
Depressed economies and transitional governments
Russia, China, North Korea, Iran, etc. Dark corners of the internet
Where do they come from?
Traditional organized crime is a business. Political unrest Poor legitimate economic opportunity Greed
Questions to answer
Who? What? When? Where? Why? How?
Now!
Everyo
neRobot
takeover
Cheap
+effective
Everywhe
re
How does organized cybercrime work?
Malware and botnet marketplace Financing Complacency
How do we protect against these threats?
User vigilance Honeypots Proactive threat response
How can we respond to incidents?
Black holes Tracing Blocking Clean & patch Escalation?
Questions to answer
Who? What? When? Where? Why? How?
Now!
Everyo
neRobot
takeover
Cheap
+effective
Everywhe
reLOLcats
Listen to the
bunnyIf we knew, we wouldn’t
be here
Questions?