Cyber crime using business models, says Cisco
Dubai, July 23, 2009
Internet criminals are increasingly operating like successful businesses, borrowing some of the best strategies from companies and forming partnerships with one another for profits, says a report.
A 2009 mid-year security report from Cisco, a leader in network management for the Internet, outlines some of the most common technical and business strategies that criminals use to breach corporate networks, compromise Web sites and steal personal information and money.
Cisco offers recommendations for protecting against some of the newer types of attacks that have surfaced recently; recommendations that incorporate people, processes and technology as an overall holistic risk management solution.
The organisation also advises heightened vigilance against some ‘old school’ approaches that are just as sophisticated and prevalent as the newer threats.
“Securing the Internet has long been a moving target, as criminals develop increasingly sophisticated ways to breach corporate networks and obtain valuable personal data,” said Patrick Peterson, Cisco fellow and chief security researcher.
“What is striking in our latest findings is how - in addition to using their technical skills to cast a wide net and avoid detection - these criminals are also demonstrating some strong business acumen,” he added.
Cisco security executives recently utilised a live interactive IPTV broadcast to evaluate the report’s findings and to discuss best practices to effectively counteract increased criminal sophistication.
Among the threats included in the talk were those presented by worms, with the rise in social networking meaning that it is now easier for worm attacks to be launched.
The proliferation of online communities has made it much more likely for users to click links and download content they believe are sent by people they know and trust, spreading worm attacks throughout the Net.
An example of the havoc that can be wrought from such an attack was demonstrated by the Conficker worm, which began infecting computer systems late last year.
The combination of advanced malware techniques exploited a Windows operating system vulnerability and continues to spread, with several million computer systems being under its control as of June.
The tendency of criminals to co-operate in order to enhance the effectiveness of their illegal activities was also highlighted during the discussion.
Botnets, networks of compromised computers, serve as efficient means of launching attacks and increasingly, botnet owners are renting out these networks to fellow criminals, effectively using these compromised resources to deliver spam and malware via the software-as-a-service (SaaS) model.
Peterson acknowledges the increasing propensity for on-line criminals to work together.
“They are collaborating with each other, preying on individuals’ greatest fears and interests, and increasingly making use of legitimate Internet tools, like search engines and the software-as-a-service model,” he said.
“Some also continue to succeed using well-documented methods that in recent years have been downplayed as threats, given the preponderance of new tactics,” he added.
During the session there was also discussion about on-line criminals launching attacks off the back of major news stories; something that was highlighted by the illegal activities reported in April after the outbreak of H1N1 influenza, or ‘swine flu.’
Following this event, cyber criminals quickly blanketed the Web with spam that advertised preventive drugs and links to fake pharmacies. In fact, spam continues to be one of the most established ways to reach millions of computers with legitimate sales pitches or links to malicious Web sites.
A staggering 180 billion spam messages are sent each day, representing about 90 per cent of the world’s e-mail traffic. Spam messaging remains a<