Henry Dalziel | Hacker Hotshots, Latest InfoSec News | July 14, 2013
July 25th 2013, we have Brent Huston on Hacker Hotshots presenting: “Information Overload, Future Shock, IBM & The Nature of Modern Crime”.
During the web show you will learn what all these four items have in common and how management practices of the past have shaped the modern crime and fraud. Brent will also outline the cellular structure of criminal activity and the interrelations between cells and how this all applies to your job! Sounds very interesting and we look forward to the date!
About Brent Huston
Brent Huston is a highly experienced InfoSec professional with over two decades of experience, and is currently CEO of MicroSolved. Of particular interest, whilst at Microsolved, Brent developed a range of HoneyPot products, notably the ‘HoneyPoint Security Server’. We are certainly interested to learn more how this intrusion detection system works and the benefits that it brings to the client.
The Nature of Modern Cyber Crime
One of the main tenets of Brent’s presentation, which he also delivered at DerbyCon, is the Nature of Moden Crime. Modern cyber crime as we know if today could not be more lucrative for cyber criminals whilst becoming more difficult to defend against for information security professionals. EMC produced an interesting white paper on Cyber Crime Trends of 2013 which is summarized below.
Five main cyber crime threats:
1. Mobile threats, particularly from mobile devices are clearly on the rise. As we are all now aware, PC sales are decreasing: according to recent reports, global sales for PC’s declined for the fifth consecutive quarter in the April-June period, which makes that the longest decline in the PC market’s history. With the increase of hand-held devices means that there is an increase on attacks directed at the devices. For example, targeting mobile banking transactions is possibly the biggest threat out there. BYOD also fits into this category. (Side note: if you are interested in cell phone pentesting and security check out our Hacker Hotshot with Georgia Weidman and for BYOD – Aamir Lakhani).
2. The Privatization of Financial Banking Trojans and Other Malware is EMC’s second predicted large-scale threat of 2013.
3. Hacktivism and the Ever-Targeted Enterprises. We all know about Hacktivism, there’s no need to explain that. (Side note: completely different subject but you might find this post interesting! Cast your poll for the best hactivist hacking group logo! Last check we had 73 votes.)
4. Account Takeover and Increasing Use of Manual-Assisted Cyber Attacks. Interesting to see ‘account takeover’ because that is a hugely popular hack. Think about how many Twitter accounts have been hacked; possibly time for Twitter to introduce double log in like Google has?
5. Fifth on the EMC report is the prediction that cybercriminals will continue to leverage big data principles to increase effectiveness of attacks. What this really means is that botnets will be used to greater effect and with greater efficiency. Using ‘big data’ principles also means ‘big data criminality’. However, the reverse can also be said: that there is tremendous benefit in using big data principles to improve detection of cyber threats and fraud.
We don’t need to tell you this but cyber crime, obviously, gets more sophisticated and complex each month – let alone each year. There does seem a trend towards manual attacks from talented cyber criminals. The reason for this is likely because automated cyber attacks are now much better understood by malware analysts and security network professionals.
However, just as soon as we solve a bunch of attack payloads and signatures, so come along another armada of new cyber attacks tools and persistent threats. What do you think? Have we missed something out?