Tuesday, May 14, 2013

Part 3: Dealing with Cyber-gangsters

The Cyber-gangster



I have had to deal with drug dealers and drug gangsters most of my life. They try to get you to take drugs to increase the demand for their product. You can be walking down the street or sitting in your house when the gunfire starts over a drug territory dispute. You can allow someone to get into your car thinking that all you are doing is giving them a ride to their destination, just to find them taking drugs in your car. Some of these people will rob you just to satisfy their habit and will not think twice about killing you.

But times have changed. Not only do you have to worry about the drug gangs in the street, but you also have to worry about the cyber gangs on the network. Cyber-gangsters are smart technical people. They make far more than the drug dealers. These people steal millions of people's identities in a matter of seconds and sell them to other organizations just as fast. The State of Georgia had over one million names, addresses, Social Security numbers and other information taken from state databases without the state knowing about it. The state had to pay out millions of dollars to taxpayers whose information was stolen, to fix their credit.

What I am about to tell you, some of you may think that I am making it up. Here is a clip from NBC News that will give you a taste of reality!

http://www.freebeerandhotwings.com/b/Cyber-Thieves-Steal-$45-Million-Video/19772798381853576.html


NBC News said, "It's safe to say that bank robberies have changed a bit in the technology age we're living in. Gone are the days of people busting through the front doors of a bank in ski masks with guns, demanding money from tellers. There are no more getaway cars and accomplices. All of that has been replaced with really smart people sitting in front of computers."

"These guys managed to steal $45 million by means that we don't understand, but it's super impressive nonetheless!"

Now let's continue....


Andrew M. Colarik of the USA and Lech J. Janczewski of New Zealand state that, "In the context of information security, terrorists may come in many forms such as politically motivated, anti-government, anti-world trade, and pro-environmental extremists". They further state, "Cyber terrorism means premeditated, politically motivated attacks by sub-national groups or clandestine agents, or individuals against information and computer systems, computer programs, and data that result in violence against non-combatant targets".

Let's add the money-motivated hackers, and you see the picture of the enemy. The goal of money-motivated hackers is to benefit from money inflow:

  • By using cyber espionage

  • By acting as a "cyber bully" and demanding money through various methods of electronic blackmail

  • By breaking into financial organizations' computer systems and transferring money to offshore accounts

  • By stealing credit card account information and reselling it

  • By identity theft, using stolen information to transfer money out of bank accounts or to buy goods from Internet-based stores with newly opened credit cards

  • By writing software to attack victims' computers and selling the right to use it.

According to a new study from McAfee, data theft and breaches from cyber crime may have cost businesses as much as $1 trillion globally last year in lost intellectual property and resources for repairing the damage.

The goal of cyber-terrorists is to intimidate or force a government or its people into making changes that serve the attacker's political and social objectives or political motivation. The goal can also be described as the disruption of a country's major infrastructure (e.g. nuclear plants, energy supply systems, defense infrastructure, and similar) in order to gain a quick advantage in a pre-planned geo-political action.

Cybercrime Top 20 Countries Pie Chart

State, national, and international political views take various forms and can be the main motivational factor for engaging in unlawful attacks, or threats of attacks, against computers, networks, and the information infrastructure.

Neither definition-based anti-virus nor any other single solution is enough to block modern threats. Zero-day attacks, "mutating" viruses, and targeted attacks are all high-risk situations requiring an additional layer of protection. Our widely accepted security standards do not meet the need either. In fact, the PCI standard for financial institutions and third-party vendors involved in financial transactions, which is considered pretty tough, proved to be inefficient. Cyber-gangsters using sophisticated sniffer software were able to penetrate Heartland Payment Systems AFTER the company passed its PCI DSS audit. The result of the breach and the lost data was disastrous for the company.

Let's look at a short list of "weapons" that cyber-gangsters use against personal computers and computer networks:
- Zero-day attacks
- "Mutating" viruses
- Targeted attacks (DDoS) utilizing botnets
- Application exploits (including SQL injection) due to OS and application design problems
- Cross-site scripting
- Social networking site exploits
- Browser exploits
- Hosted site exploits
- P-2-P networking infection
- Smartphone attacks
- Wi-Fi protocol weakness exploits
- Social engineering to collect information for a subsequent attack
- Malicious e-mails and spam-based infections
- Creating malicious underground organizations to assist in cyber exploits and attacks
- Identity theft (which has also been linked to terrorist activity)
- Keyloggers, mouse-loggers, etc.
- Rogue blog pollution
- Search engine results manipulation to redirect users to malicious web sites
- Two-factor authentication circumvention
Your cell phone is a doorway for cyber-gangsters to steal your stuff. 
Cell Phone Attacks
People have been trying to give me a smartphone as a gift for some time. I refuse to have one. They are so easy for criminals to hack into and take over. Once they get into your phone, it is just a few steps to get into other accounts. Then you will notice new unauthorized bills coming in, money withdrawn from bank accounts, and unauthorized use of your phone.

The attacks on smartphones will increase in volume. They have already started. The first iPhone worm was detected in November 2009. Users who have "jailbroken" their iPhones to allow third-party applications to run and have not changed the default Secure Shell (SSH) login password are vulnerable to the malware. More and more, hacking is becoming associated with "ransomware": "iHacked: jailbroken iPhones compromised, $5 ransom demanded" and "New LoroBot ransomware encrypts files, demands $100 for decryption". Once considered malware-proof, smartphones actually have enough security holes to be vulnerable to various hacking attacks. I am not surprised that most of the attacks target the most popular phone, the iPhone: "Second iPhone worm behaves like botnet". That worm was identified by security vendor F-Secure, which claims the new worm has botnet capability and is more threatening than its predecessor. Another headline: "SpyPhone 'appharvests' personal data from stock iPhones".
Definitions
I have given you a lot of information here. Let’s look at a few definitions that you may not know.
A botnet is a collection of internet-connected programs communicating with other similar programs in order to perform tasks. This can be as mundane as keeping control of an IRC channel, or it could be used to send spam email or participate in DDoS attacks. The word botnet stems from the two words robot and network.
     
In computing, a denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a machine or network resource unavailable to its intended users. Although the means to carry out, motives for, and targets of a DoS attack may vary, it generally consists of the efforts of one or more people to temporarily or indefinitely interrupt or suspend services of a host connected to the Internet.

