280 likes | 303 Views
Cyberbad Where Spam is leading to. Phillip Hallam-Baker hallam@dotcrimemanifesto.com. Spam is Criminal Infrastructure. Botnets beget. Spam Adverts for criminal / defective products Phishing Advance Fee Frauds Denial of Service Extortion All Things ‘Cyber-bad’. What is Cyber-Terror?.
E N D
CyberbadWhere Spam is leading to Phillip Hallam-Baker hallam@dotcrimemanifesto.com
Botnets beget • Spam • Adverts for criminal / defective products • Phishing • Advance Fee Frauds • Denial of Service Extortion • All Things ‘Cyber-bad’
What is Cyber-Terror? Cyber-Bad
Cyber-Bad for Hire • Hacking tools (commodity ø day exploits) • Stolen credentials • Crime as Service • Spam • Botnets • Unwitting Accomplices (mules) • Receiving stolen goods • Money laundering
Cyber-bad Purposes Vandalism Vigilantism Fraud Terrorism Warfare
Criminals extend reach • Compromise systems during manufacture • Pin Entry Devices compromised during manufacture • Phone home with PIN data to Pakistan • Criminal insiders • Blackmailed or bought prior to hire • US Cert: 41% incidents involve insiders • Soc Generalé demonstrates €bn potential
Internet Crime Isn’t The banks are still where the money is
RBN ‘customer’ 1488.ru Cyber Crime to Cyber Terror?
Internet = Research • Open Sources • AQ manual claims 80% of information is available • Criminal Expert Sources • Who can tell me X for $100? • Espionage • Find an honest expert, penetrate their machine
Security through obscurity works… … until it fails
What is the problem? • Banks • Cost of Internet crime • Direct Losses • Customer Service • Opportunity Losses • National Security • Potential criminal profits • Potential sabotage damage
Are there solutions? • Chip and PIN • Eliminated Card Present Fraud in Europe • Remaining attacks exploit legacy channels • Why not in the US? • Different market structure • Anti-trust used to block changes
Anti-Crime Solutions • Email Authentication • SPF, DKIM, Secure Internet Letterhead • Web Authentication • Extended Validation, Secure Internet Letterhead • Secure Identity • SAML, WS-*, OpenID, OATH, Identity 3.0 • Data Level Security • CRM Infrastructure, Open CRM • Network Security • Reverse Firewalls, DNSSEC, BGP Security • Domain Centric Administration, Default Deny Infrastructure
Conclusions • The threats are real • They are not necessarily Internet threats • But the Internet changes the game • The threats are serious • They may not be “terrorism” as we know it • But they are worth caring about • Criminal infrastructure is an ongoing threat • Some states are playing the privateer game • We cannot rely on international cooperation