Information Overload, Future Shock, IBM & The Nature of Modern Crime

Brent Huston

Thu, 25th July 2013

Speaker Bio 1:
Brent Huston @lbhuston is the Security Evangelist and CEO of MicroSolved, Inc. He spends a LOT of time breaking things, including the tools/techniques and actors of crime. When he is not focusing his energies on chaos & entropy, he sets his mind to the order side of the universe where he helps organizations create better security processes, policies and technologies. He is a well recognized author, surfer, inventor, sailor, trickster, entrepreneur and international speaker. He has spent the last 20+ years dedicated to information security on a global scale.

Brent likes honeypots, obscure vulnerabilities, a touch of code & a wealth of data. He also does a lot of things that start with the letter "s".

Learning Objectives:

Brent will explain:

  • What all the terms in the title have in common!
  • Learn how management practices of the past have come to represent the very nature of modern crime and fraud.
  • Learn the cellular structure of criminal activity and the interrelations between cells and how all of this applies to your day job.

Questions and answers

Max, Concise Courses:
Would you agree with the EMC white paper that mobile crime (amongst other types of crime) is going to be one of the major threats and cyber crimes of the future? I guess this is true, not least with this week’s SIM Card vulnerability discovery.

Brent Huston:
Absolutely, mobile is the next huge leap for global crime. We see groups already interested in that, we see chatter moving in it. I was at an FBI presentation yesterday where they talked about the idea of using infected phones to map organizations by using the audio, microphones and the camera. They showed some demos of mapping that had been done using Android Malware that they had discovered in crime scenes. Very interesting and we know that hackers are going to get better in that space.

Max, Concise Courses:
What do you think about the TOR Project? It seems that criminals are using possibly more than white-hat folk? (Also, take a look at our Tor Tutorial here).

Brent Huston:
I just read for example today that we are seeing a huge amount of increase in TOR traffic for Bot Net Command and Control and certainly for crime. If you look at ex-filtration patterns you see an exfil of data from commercial and government and critical infrastructure clients happen over TOR Nodes, so we know that is going on, and it is growing.

Of course, the other use of TOR is not necessarily white hat hackers doing research but that certainly is a part of it, but a lot of TOR is there to help protect folks who are trying to escape from political oppression and free speech, so I think that it’s dangerous to label TOR like ‘this bad thing’.

We hear a lot about the crime [committed using Tor] side of it but there is probably a lot of human rights stuff that happens there too. We shouldn’t probably say that it’s necessarily a bad thing.