Copyright © 2005 Eset, spol. s r. o. [email protected]
Peter Kovac
Malicious Software and Computer Crime
Impact of some types of computer infiltrations
Software of a different kind
What is malicious software?
Software which has an adverse effect of any kind, also called malware
Total yearly loss estimated at $13-15 billion (Computer Economics Inc., 2003)
Summer 2003: Blaster and Sobig worm epidemics
Air Canada’s reservation system goes down, CSX’s trains grind to a halt, 3,000 computers in city of Fort Worth, TX shut down (BusinessWeek cover story; Sept 8, 2003)
15% of large companies, 30% of small businesses affected
What is the effect of malicious software?
Countermeasures
How well protected are computers?
85-90% of consumers have an installed antivirus solution (Piper Jaffray, June 2005)
77% of consumers believe they are safe (AOL & National Cyber Security Alliance survey, November 2004)
55-67% report an active subscription (Gartner, May 2005)
10-30% have up-to-date signatures (“Consumers and Internet Safety,” Mary Culnan, Oct. 2004, Bentley College, Harris Interactive, SYMC Corp.)
Victims
Who is the target of malware?
Any and all computer users
Classification
Most common malware categories
Viruses – self-replicating programs that parasitize other programs
Worms – programs which copy themselves over networks
Trojan horses – sometimes legitimate programs containing functions hidden from the unaware user
Spyware – programs designed to collect information (web surfing habits, typed text, passwords etc.)
Spiced Ham
What is spam?
Food
Spiced Ham produced since 1937 by Hormel Foods Inc, popularized by Monty Python’s sketch
Webster’s Dictionary
Spam is an unrequested e-mail, often a commercial one, sent to individuals, groups and/or mailing lists.
British Legislation (and rest of the EU)
Every message sent to a customer with whom the sender has no consensual trade relationship.
Email & Infiltrations
What do worms, trojans and spyware have in common?
Annoy an enormous number of computer users
Way of spreading – e-mail spam
Common techniques, like return-address fraud
Illegal in many countries
Internet & Infiltrations
Spam Situation (Marko and Trnka 2004)
Past Situation
How spammers work - past
Commercial malware
Zombie PC
PC affected by malware – typically a worm
Worm installs a backdoor/Trojan and reports the IP address to the attacker
Zombie PC listens for remote commands and thus can be remotely controlled and abused via the Internet
Present Situation
How spammers work - present
Internet & Infiltrations
Types of infiltrations from unique IPs
viruses 58%
spam 34%
both 8%
Types of infiltrations from unique IP addresses (Marko and Trnka 2004)
Zombification of PCs
[Figure: Bagle worm variant on 20th September 2005]
Commercial malware
Randex worm
Back in 2004, journalists from the German C’t magazine were able to purchase the IP addresses of around 10000 computers infected by the Randex worm
The gathered information was handed over to German police and later resulted in the arrest of the suspected Randex author in Canada (a teenager of 16 yrs)
Possible uses of a zombie PC – spam, DDoS attacks, information gathering etc.
Price tag ranges from a couple of cents up to 1 USD per IP, with massive volume discounts
Phishing
What is phishing?
Counterfeit e-mail message, mass-mailed by various groups of criminal hackers (spam message)
E-mail message utilizes the "social engineering" technique to make users fill in their personal data (credit card numbers, bank account information and various personal details) on a fraudulent web site
The professionally crafted e-mail message claims to come from a bank, financial institution or an ISP and usually demands the confirmation of personal data
After clicking the link, users are sent to a fraudulent site, which looks just like the institution's web site, and are asked for various sensitive information
Malicious Software and Computer Crime
Consequences
Decrease in credibility of e-mail communication
Malware generating Bounce and Auto-Reply
Anti-viruses as spam generators
Growth of crime committed from countries far away from victim
Malicious Software and Computer Crime
Conclusion
Commercial application for computer infiltrations has been found
Need for a complex approach to computer security
Need for a complex approach to law enforcement
Need for international cooperation
Malicious Software and Computer Crime
Thanks for your attention.