evil geniuses: how organized cybercriminals could take over the world

EVIL GENIUSESHow organized cybercriminals could take over the world

Hillary Lipko, 1st-year MSPPCS 6725 – Information Security Policies and Practices

22 October 2009

Questions to answer

Who? What? When? Where? Why? How?

Now!

What’s going on? Who are these guys?

The profile of the “typical” cybercriminal has changed.

The motivation behind criminal activity on the internet has changed.

Malicious hackers are getting organized and “The Mob” wants in.

Who are the stakeholders?

Everyone.

The “bad guys”Malicious programmers/hackersOrganized crimeRogue governments

The “good guys”Typical usersSecurity professionals/law enforcement“Us”

Who are the “organized criminals?”

Who are the responders?

Who are the responders?

Who are the responders?

A side note about hackers…

Hackers Criminals

Entrepreneurs Scam artistsSoftware developers

Computer criminals

Organized cybercrime

Questions to answer

Who? What? When? Where? Why? How?

Now!Everyo

ne

What are the threats?

Identity theft Fraud Trafficking Extortion Cyberterrorism

Compromised infrastructuresWarfare

So about those bots…

Software applications that run automated tasks over the internet

Not all bots are badSpidersIRC botsChatterbotsGame bots

(a.k.a “internet bots” or “web robots”)

What are the means?

BotnetsDDoS, access number replacementSpywareSpam, adwareClick fraud, fast flux

Discussion communitiesCommunicationMarketplace

Questions to answer

Who? What? When? Where? Why? How?

Now!

Everyo

neRobot

takeover

Why computer crime?

It’s quick; it’s easy. Low risk Better ROI Not location-reliant

Why is this a problem?

It’s quick; it’s easy. Can be hard to trace Expensive to prevent inexpensive attacks Borderless by nature

Questions to answer

Who? What? When? Where? Why? How?

Now!

Everyo

neRobot

takeover

Cheap

+effective

So where are the bad guys hiding?

Everywhere.

Depressed economies and transitional governments

Russia, China, North Korea, Iran, etc. Dark corners of the internet

Where do they come from?

Traditional organized crime is a business. Political unrest Poor legitimate economic opportunity Greed

Questions to answer

Who? What? When? Where? Why? How?

Now!

Everyo

neRobot

takeover

Cheap

+effective

Everywhe

re

How does organized cybercrime work?

Malware and botnet marketplace Financing Complacency

How do we protect against these threats?

User vigilance Honeypots Proactive threat response

How can we respond to incidents?

Black holes Tracing Blocking Clean & patch Escalation?

Questions to answer

Who? What? When? Where? Why? How?

Now!

Everyo

neRobot

takeover

Cheap

+effective

Everywhe

reLOLcats

Listen to the

bunnyIf we knew, we wouldn’t

be here

Questions?