More details from FBI Deputy Assistant Director Steven Chabinsky’s keynote at FOSE. Chabinsky described several sophisticated attributes about the cybercrime underworld:
- Some groups offer 7X24 operations, tech support, encrypted servers, and bulletproof networks.
- Many times, cybercriminals rotate upstream network providers to protect themselves from law enforcement.
- Security technicians constantly read about software vulnerabilities, vendor software bulletins, and security-centric web sites. The goal? Develop malware based upon product shortcomings, published vulnerabilities, or delayed patching cycles.
- Behind their veil of Internet anonymity, cybercriminals look for targets of opportunity. Chabinsky compared it to a thief walking down the street and jiggling every door knob until he or she finds one left open.
- Hackers who discover a vulnerable system often get a finder’s fee.
- Many cybercriminals actually patch systems once they compromise them. Why? Once they establish a foothold, the goal is to keep other competitors out.
- The bad guys are actually in the software business and protect their intellectual property. For example, Zeus can generate a hardened ID that acts as a software license. Basic packages cost $3,000 to $4,000. More advanced copies that include development support can be purchased for $10k.
Are you scared yet?
Read more of Jon’s blog entries at Insecure About Security.
All views and opinions expressed in ESG blog posts are intended to be those of the post's author and do not necessarily reflect the views of Enterprise Strategy Group, Inc., or its clients. ESG bloggers do not and will not engage in any form of paid-for blogging. Click to see our complete Disclosure Policy.
ShareFor important information about using this content, please review our Terms & Conditions
