10:30 AM
Unknown
Sources of cyber crime will turn into increasingly organized and profit-driven during the years ahead.
Gunter Ollmann, chief security strategist for IBM Net Security Systems describes today’s (and tomorrow’s) cyber criminals
as “an international conglomerate of professionally trained authors motivated by high profit.”
You can buy, lease, subscribe and even pay-as-you-go to pay for the newest malware kits, that are much more
sophisticated than their predecessors. “Malware transitioned to the criminal world just over 3 years ago,”
said Ollmann.
as “an international conglomerate of professionally trained authors motivated by high profit.”
You can buy, lease, subscribe and even pay-as-you-go to pay for the newest malware kits, that are much more
sophisticated than their predecessors. “Malware transitioned to the criminal world just over 3 years ago,”
said Ollmann.
“The new sophisticated malware-for-sale features encrypted command and control channels, builtin Web services for hosting phishing content, man-in-the browser proxy engines for identity theft, as well as drive scanners for capturing sellable details like email addresses and credit card details.”
Ollmann reports that many malware kits are supported by product guarantees and program level agreements.
A few malware developers are even offering multiple language “customer support” so that you can achieve a wider audience of criminals.
Ollmann reports that many malware kits are supported by product guarantees and program level agreements.
A few malware developers are even offering multiple language “customer support” so that you can achieve a wider audience of criminals.
New Web-based attack platforms have been designed in tandem so that social engineering and end-user action are no longer required for exploitation.
All of these trends are expected to evolve further in the coming year.
The managed program process basically extends the functionality of the malware purchase. 1 malicious managed service design revolves around breaking CAPTCHAs (Completely Automated Public Turing test to tell Computers
and Humans Apart).
All of these trends are expected to evolve further in the coming year.
The managed program process basically extends the functionality of the malware purchase. 1 malicious managed service design revolves around breaking CAPTCHAs (Completely Automated Public Turing test to tell Computers
and Humans Apart).
CAPTCHAs are applied to prevent brute-force attacks and fraudulent account creation on Web websites and need end users to correctly enter a string of characters and login data prior to entry is granted.
As CAPTCHA systems {were|had been|have been} continuously broken by attackers and then subsequently strengthened against compromise, the cyber crime MSPs saw a business opportunity.
“The managed program operators offer cheap human labor to battle via CAPTCHAs,” stated Ollmann.
"These predominantly Russian-operated entities provide pay scales starting at $1 per 1,000 CAPTCHAs broken, and provide an extensible API structure for easy integration into malware. This combined method will continue in the future.”
"These predominantly Russian-operated entities provide pay scales starting at $1 per 1,000 CAPTCHAs broken, and provide an extensible API structure for easy integration into malware. This combined method will continue in the future.”
Ollmann divides the cyber criminal industry into three tiers:
• Low-level criminals who use kits to create the specific malware required for their targeted crimes.
• Skilled developers and collectives of technical experts doing new components to embed within their commercial malware creation kits.
• Top-tier managed program providers that wrap new services around malware kits to increase propagation and enable organized fraud on a global scale, feeding gains back into existing money laundering chains.
He warns of the tough road ahead inside battle against malware
• Low-level criminals who use kits to create the specific malware required for their targeted crimes.
• Skilled developers and collectives of technical experts doing new components to embed within their commercial malware creation kits.
• Top-tier managed program providers that wrap new services around malware kits to increase propagation and enable organized fraud on a global scale, feeding gains back into existing money laundering chains.
He warns of the tough road ahead inside battle against malware
Other Articles-
http://the-survey.blogspot.com/2011/09/cyber-crimethreats-to-voip-and-mobile.htmlhttp://the-survey.blogspot.com/2011/08/cyber-threats-report-emerging-threats.html
http://the-survey.blogspot.com/2011/08/cyber-threats-report-2009emerging_26.html
http://the-survey.blogspot.com/2011/08/cyber-threats-report-2009emerging.html
http://the-survey.blogspot.com/2011/08/emerging-threats-forall-data.html
Posted in: 
0 comments:
Post a Comment