The CyberCrime: Facts, Reasons, Trends
Eugene Kaspersky
Founder & CEO, Kaspersky Lab
eugene@kaspersky.com

Criminal business in the internet

Without using malicious content:
• Carding
• Web-fraud
• Site hacking

Using malicious content:
• Stealing confidential or private data
• DDoS-attacks
• Spam
• Phishing
• Etc.

This is not our expertise

The Rogues’ Gallery – The Script Kiddies
• Chen Ing-Hau – 24 (Taiwan): arrested September 21, 2000 for the CIH virus
• Jeffrey Lee Parson – 18 (USA): arrested August 29, 2003 for the Lovesan.b virus
• Sven Jaschan – 18 (Germany): arrested May 7, 2004 for NetSky and Sasser viruses

The Rogues’ Gallery – Binary Thieves
• Jeanson James Ancheta – 20 (USA): arrested November 3, 2005 for creating zombie networks and leasing them for spam mailing and DDoS attacks on websites
• Farid Essebar – 18 (Morocco), Atilla Ekici – 21 (Turkey): arrested on August 26, 2005 for creating zombie networks using Mytob and Zotob (Bozori) worms

Reasons for E-Crime
• Profitability
• Easy to do (technically and morally)
• Low risk business
• New services that are profitable to attack

Reasons: Profitability
Bank attacks
• 2005: Sumitomo bank – an attempt to steal $424 mln. (failed)
• 2006: Nordea bank (Sweden) – 1.2 mln. Euros stolen (successful, under investigation)

Yaron Bolondi – 32 (Israel): arrested on March 16, 2005 for breaking into the network of a London branch of Sumitomo Bank and attempting to withdraw £220 million from the bank's accounts

Reasons: Profitability
DOS attacks
• 2003 – 2004: DDoS attack on British online bookmakers followed by extortion
• July 20 and 21, 2004 – 9 people were arrested for participating in the attack
• October 2006 – 3 hackers from the group were sentenced to 8 years in jail

Maria Zarubina and Timur Arutchev organized the attack and are still on the Most Wanted List.

The Birth of Ransomware
Criminal Encryption
It would take a 2.2 GHz computer 30 years to find the key using brute force

Botnets

Massively-Multiplayer Online Games (MMORPG)

Reasons: Easy to do
• Many trojans are technically simple, easy to create and use
• Malware is sold openly
• No feeling of guilt – the criminal doesn’t see the victim
• Psychologically it’s easier to steal $1000 out of a virtual pocket than out of a real one

Reasons: Low risk business
Cybercriminals feel relatively safe because:
• There are gaps in some countries’ legislation
• Legal authorities aren’t acting quickly enough
• Victims rarely inform police about crimes
• Insignificant damages – incidents are not interesting to police (despite the huge number of these crimes)
• The crimes are international, while there’s no Internet-Interpol

Reasons: New services
• Internet-money and online banking
• Personal and confidential data
• Online games and virtual characters
• Stock-exchange online agencies
• And more to come…

Each new service is a new cybercrime target

Social Networking
• Blogs, forums
• Wiki
• MySpace, YouTube?
• Other online communities

CyberCrime is Big Business
• Profitability
• Easy to do (technically and morally)
• Low risk business
• New services that are profitable to attack

Will It Get Any Better?
Today there’s no reason to believe that the cybercrime situation will improve anytime soon
It is obvious that the number of E-Crimes will keep growing over time

[Chart: Malware proliferation in the internet, 2004 to 2007 (est.). Source: Kaspersky Lab]

At least 5 malware samples emerge in the internet every 2 minutes

Automating The Lab
Highly automated antivirus lab, which utilizes:
Automatic malware analyzers:
• Sandbox
• Heuristic analyzers
• “Family” recognizer
• And more
Automatic detection
Automatic updates quality control and distribution

[Chart: KL protection: in-lab. The number of new signatures added into KL databases every year, 2004 to 2007 (forecast)]

Developing State-of-the-Art Technologies
We employ standard & additional protection technologies
• Signature scanner (with quick reaction time)
• Generic detection routines (“smart” signatures)
• Heuristic scanner (emulation)
• Behaviour blocker (HIPS)
• Unpacking and unarchiving

Developing State-of-the-Art Technologies
New types of threats require new protection technologies
• Anti-Rootkit
• Anti-Keylogger
• Anti-Phishing
• Anti-Adware
• Self-Protection
• “Active infection” healing
• Other advances

Banding Together to Fight CyberCrime
Maximum protection against cybercriminals requires:
• Internet-Interpol: needs time and concordance between all involved countries
• Educating users to defend themselves: new services and new types of attacks require constant education
• Effective protection technologies and products: the most effective method

Questions?
Eugene Kaspersky
Founder & CEO, Kaspersky Lab
eugene@kaspersky.com