#RSAC
Eastern European Black Market Economy Trends
SESSION ID: FLE1-F02
Alex Holden
Chief Information Security Officer
Hold Security, LLC
@HoldSecurity

Why Learn About Hackers?
The most dynamic and social black market
Large sharing community
Re-use or secondary market
Learn how to guard against this sector
Current trends and failures

History

History of the Russian Underground
Evolution of technology and thirst for knowledge
Early years – the gang wars
Dissolution of gangs and specialization – links in a chain
JabberZeus
CyberVor

What Drives a Hacker
For-profit crime
Hacktivism
Revenge
State-sponsored

Communications
Forums
Advertising
Marketing
Customer Service

Mass Production
Stealing in bulk
Lowest hanging fruit
0day
Unpatched Systems
Weak Passwords
Tools and techniques
Crime ratios

Competition
Supply and Demand
Black Market Economics
Respect and order amongst the thieves
Escrow Services
Reputation
DOXing
Destroying the competition

Eastern European Black Markets Today

Black Market Overview
Rare direct monetization
Long supply chain
Frequent failure

Education
Hacker University
Job After Graduation
Professor’s Insight

Viruses/Malware
Botnet flavors
What can you steal
Linguistics adaptation
Injects and Grabbers
Mobile botnets

Spam Operation
Spam supply-chain
Spear phishing
Social network abuse
Statistics

Re-shipping
Drop dynamic
Supply Chain

Ransomware
Simple and Effective

Brute Force Everything
Credentials
Services
Monetization

Anonymity
Hiding = blending in
Sophistication and ease of use
Escaping detection
WebRTC
Fonts
Local Time
Virtualization

Identity
Service authentication
Creating a new person

Dating
Preying on desperation
Dating scam – enterprise solution

Skimmers
ATM
Credit Cards
New Designs
Old tools

Starting Your Own Black Market Shop
Everything sells
Crimeware as a service

Defenses

Applying Knowledge Against the Enemy
Not every threat is credible
Creating an unattractive target
Scaling defenses to threats
Viruses/Malware
0day
Credentials
Misconfigurations

Defense
Honeypots
Systems
Features
Data
Threat Intelligence