Sopranos in Cyberspace
Web mobs have used malware to steal millions of credit- and debit-card numbers.
It's no surprise that organized crime and professional programmers are attracted to the dark side of Internet commerce.
There’s a disturbing trend in Internet activity: the rise
of organized cybercriminals who exploit computer
vulnerabilities to make money. Published reports paint
a picture of a new kind of hacker: professional, profit-driven,
and in many cases employed by traditional organized crime
groups. These skilled programmers create sophisticated
software used primarily for phishing attacks and theft of
consumer log-in credentials. An antivirus researcher at
Kaspersky Lab estimates that 90 percent of the malicious
code circulating on the Web today was written by online crime
groups. The damage these exploits are causing is so severe
that it threatens to destroy the trust between companies and
their online customers.
Rich Weiss, Director, Endpoint Product Marketing, Check Point Software
Web mobs have used malware to steal millions of credit- and
debit-card numbers, Social Security numbers, and financial
account user IDs and passwords in order to commit identity
theft and online fraud. They have developed management
structures and functional divisions of labor that enable
them to traffic in stolen information
using many of the same business practices as legitimate
companies. For example, cybercrime groups employ people
who specialize in stealing consumer information, conducting
quality checks and appraisals of the information brought to
them by hackers, and selling the information on Web sites
that they can create and take down in hours in order to cover
their tracks. Some groups even have employees who manage
online discussion forums that enable sharing of hacking
techniques.
Where the money is
Two primary factors have driven the rise of organized crime
on the Internet. The first is the money that can be made by
stealing and selling valuable information.
• The Federal Trade Commission has cited a survey that found
more than $50 billion in Internet crime occurred in 2004.
• A large bank can incur losses of over $10 million each year
due to phishing scams.
• Shadowcrew, an alleged crime group with thousands of
members, reportedly sold consumer records to thieves
who cost banks and credit-card companies more than $4
million in fraudulent purchases. The Secret Service, which
investigates online crime, estimates that losses due to
Shadowcrew would have been in the hundreds of millions
of dollars if the agency hadn’t located and arrested the
organization’s top management.
It’s no surprise that organized crime and professional
programmers—especially those in low-wage locations such as
Eastern Europe, South America, and Russia—are attracted to
the dark side of Internet commerce.
Easy to hide
The second major driver of online crime
is the relative anonymity and ease of avoiding prosecution.
Members of organized crime groups typically communicate
using aliases. They encrypt their communications and use
network gateways that conceal computer IP addresses. They
further hide their tracks by routing communications through
proxy servers that make it very difficult to trace messages back
to their sources.
Internet crime can also be very difficult to deter legally.
Questions of jurisdiction and how existing laws apply to
online activity present basic challenges. In addition, hackers
frequently operate in countries that do not cooperate with law
enforcement officials in wealthier nations seeking extradition
of Internet criminals. Organized crime groups operating in
these environments are virtually immune from prosecution.
The next wave
Today, criminal Internet operations that target consumers
grab most of the headlines. The ease of making money
using phishing scams and other identity-stealing activities
has focused organized crime on consumers rather than
enterprises. Moreover, successful attacks on consumer
information databases often are made public due to
regulatory requirements. Reporters have little difficulty
getting victims of identity theft to talk about their experiences.
In contrast, most enterprises keep their security breaches
confidential.
The media’s emphasis on consumer-related losses could
give businesses the impression that they don’t need to be
concerned about organized Internet crime. That view would
be misguided. Profit-motivated attacks on enterprises
already occur, and they’re likely to grow in number and
severity in the next few years. Consider the following
developments:
• Hackers are establishing increasingly large “botnets,”
or collections of tens or hundreds of thousands of PCs
compromised by malware. Their masters can use these
botnets to launch virtually unstoppable Distributed
Denial of Service (DDoS) attacks on enterprise Web
sites, DNS servers, email systems, and VoIP services.
Botnets give criminals a tool to extort large sums of
money from companies, especially those dependent on
e-commerce revenue.
• A related problem is that an enterprise’s own endpoints can
be part of a botnet. Criminals can use these compromised
PCs to distribute spam, child pornography, and malware
in addition to using them in DDoS attacks and as hosts for
phishing sites.
• Those close to the hacking community know that the
electronic theft and illegal sale of corporate databases
have been going on for years. Extortion based on stealing
sensitive or proprietary information is another area
organized crime groups seem likely to pursue.
• Shipping companies’ systems are being hacked in order to
redirect freight deliveries to criminals’ pick-up locations.
• Gains from criminal activity can be readily laundered
through methods such as money transfers through a
series of Internet bank accounts, wagering on Internet
gaming sites, artificial purchases on auction sites, and the
traditional organized crime practice of using legitimate
businesses to hide illegal transactions.
These crimes can be very lucrative, which is why professional
programmers are being hired to come up with increasingly
sophisticated hacking techniques and malware. The “script
kiddies” and independent amateurs who design worms for
fun or to show off are now secondary threats. Considering
how difficult it’s been to protect the enterprise against
relatively simple exploits written by teenagers, though,
the prospect of profit-motivated professionals targeting
corporate networks is sobering.
A comprehensive solution
What can security managers do to thwart this clear and
present danger? As explained earlier, counting on law
enforcement is not a viable option. Instead, enterprises
must secure all of their communication pathways. This
not only includes traffic that passes through the network
perimeter but also the packets that travel over the LAN and
those bound for an enterprise’s Web services. Unauthorized
communications should be blocked from entering or leaving
any host connected to the enterprise network, whether
that endpoint is remote or internal, a company asset or a
customer or business partner PC, or whether the connection
is wired or wireless. In addition, no PC should be allowed
to connect to the network until its compliance with policy
requirements, such as having up-to-date antivirus and critical
patches installed, is verified. This comprehensive security
strategy is what Check Point calls Total Access Protection.
It’s enabled by the Check Point Integrity line of endpoint
security solutions working cooperatively with gateways such
as Check Point VPN-1, InterSpect, and Connectra.
Only the best security solutions can be counted on to defeat
the highly skilled professionals who are figuring out how to
compromise enterprise defenses. Driven by high wages and
the potential for large profits, these organized criminals are
highly motivated to find weaknesses in second-tier security
products. Check Point’s patented Stateful Inspection
and advanced application-layer filtering technologies,
Application Intelligence and Web Intelligence, offer the
best barriers against professional hackers’ intrusion
tactics. And Check Point’s exclusive SmartDefense Services
ensure that new vulnerabilities are mitigated before criminals
can exploit them.
Although organized crime appears focused on consumer
targets at the moment, enterprise security managers must
not be complacent. As Internet crime groups grow and
prosper, they will look to expand into new “markets” such
as online enterprise extortion and sales of stolen proprietary
information. Only by securing your organization with superior
defenses for perimeter, internal, and Web services access will
you have a fighting chance of fending off Web mobs.