Cyberbad

Where Spam is leading to


Phillip Hallam-Baker
hallam@dotcrimemanifesto.com
Spam is Criminal Infrastructure
Botnets beget
Spam
Adverts for criminal / defective products
Phishing
Advance Fee Frauds
Denial of Service Extortion

All Things Cyber-bad


What is Cyber-Terror?

Cyber-Bad
Lowering the barriers
Cyber-Bad for Hire
Hacking tools (commodity day exploits)
Stolen credentials
Crime as Service
Spam
Botnets
Unwitting Accomplices (mules)
Receiving stolen goods
Money laundering
Cyber-bad Purposes
Vandalism
Vigilantism
Fraud
Terrorism
Warfare
Criminals extend reach
Compromise systems during manufacture
Pin Entry Devices compromised during manufacture
Phone home with PIN data to Pakistan
Criminal insiders
Blackmailed or bought prior to hire
US Cert: 41% incidents involve insiders

Soc General demonstrates bn potential


Internet Crime Isn't
The banks are still where the money is
Russian Business Network
Cyber Crime to Cyber Terror?
RBN customer 1488.ru
It's not a new game
Internet Terrorism Today
Internet = Outreach
Internet = Praxis
Realistic Future Scenarios
Internet = Research
Open Sources
AQ manual claims 80% of information is available

Criminal Expert Sources


Who can tell me X for $100?

Espionage
Find an honest expert, penetrate their machine
Internet Crime = Funding
Internet Crime = Money Laundry
Internet Sabotage = Force Multiplier
Is a Hollywood Scenario likely?
Past Performance is no guarantee
Security through obscurity works
until it fails
Fixing the Problem
What is the problem?
Banks
Cost of Internet crime
Direct Losses
Customer Service
Opportunity Losses
National Security
Potential criminal profits
Potential sabotage damage
Are there solutions?
Chip and PIN
Eliminated Card Present Fraud in Europe
Remaining attacks exploit legacy channels

Why not in the US?


Different market structure
Anti-trust used to block changes
Anti-Crime Solutions
Email Authentication
SPF, DKIM, Secure Internet Letterhead
Web Authentication
Extended Validation, Secure Internet Letterhead
Secure Identity
SAML, WS-*, OpenID, OATH, Identity 3.0
Data Level Security
CRM Infrastructure, Open CRM
Network Security
Reverse Firewalls, DNSSEC, BGP Security
Domain Centric Administration, Default Deny Infrastructure
Conclusions
The threats are real
They are not necessarily Internet threats
But the Internet changes the game

The threats are serious


They may not be terrorism as we know it
But they are worth caring about

Criminal infrastructure is an ongoing threat


Some states are playing the privateer game
We cannot rely on international cooperation