Wednesday, November 12, 2008

Warning: Financial crisis is a goldmine for online criminals

by Marcelle Amelia

Criminals are taking advantage of the confusion over recent bank mergers in the United States to send out fake e-mail messages in an attempt to steal your personal information.

You've probably heard of phishing scams: fraudulent e-mail messages or fake Web sites designed to steal your identity. Scam artists "phish" in an attempt to persuade people to disclose sensitive information.

According to the U.S. Federal Trade Commission, new bank merger scams might say something like this:



“We recently purchased ABC Bank. Due to concerns for the safety and integrity of our new online banking customers, we have issued this warning message... Please follow the link below to renew your account information.”

Or this:

“During our acquisition of XYZ Savings & Loan, we experienced a data breach. We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below to confirm your identity.”


If you click these links, you might be taken to a fake Web site designed for the purpose of identity theft.

For more information from the FTC (www.ftc.gov) about this scam, see Consumers Warned to Avoid Fake E-mails Tied to Bank Mergers.

To help avoid phishing scams:

1) If you think you've received a phishing scam, do not respond to it.
2) Approach links in e-mail with caution.
3) Don't trust the sender information in an e-mail message.


For more guidance see:

Recognize phishing scams and fraudulent e-mail
How to handle suspicious e-mail
What to do if you've responded to a phishing scam

Monday, November 10, 2008

Can Worms and Viruses Be Useful?

While most of the uses of viruses and worms are typically malicious or at least inconvenient in today's environment, this will change over time. Worm technologies are currently being viewed as a potential method to distribute critical security patches to systems on networks. Viruses can be used to distribute applications on some modern operating systems. Some countries have introduced legislation to outlaw all use of viruses and worms in all forms. This is a short-sighted and simplistic application of laws to a complex issue, as the same technologies are being looked at, very seriously, for use for good, not evil.

With the conditions for development of viruses and worms remaining as-is, I expect the following situations to develop in the near future:

  • Infestations of "invisible" infrastructures. Most of us don't think about the software inside a cell phone, automotive electronic system, DVD player, radio frequency ID tag systems, parking lot gate attendant systems, toll booths, wireless luggage bag-to-passenger matching systems, point of sale terminals, automatic door openers, letter sorters, printing presses and many others. As these technologies become more sophisticated, so do their connectivity methods and operating environments. Companies that produce such products migrate towards general-use commercial off-the-shelf (COTS) technologies, which allow greater opportunities for attack.
  • Worm, virus and hybrid attacks against communications infrastructures due to lack of security controls in base networking protocols and "building block" protocols such as Abstract Syntax Notation One (ASN.1). Much of the communications infrastructure of the world is built on protocol security concepts developed in the 1970s, which do not translate well into today's technical security needs.
  • Use of viruses and worms by terrorist organizations as a way to deteriorate, disrupt and disable economic and social support systems in use by countries dedicated to anti-terrorist efforts. As horrible and malicious as the various physical attacks have been by terrorists against the United States, those effects are minimal compared to a debilitating attack by a worm against our financial, transport or utility infrastructures.
  • Accelerated sponsorship by hostile nation-states where the use of cyber attack is a rapid method of furthering a country's political and economic goals (cyber warfare and information operations methodologies).
  • Worms/viruses that "jump" between operating environments and applications. Some have shown this capability already and it's a rapidly growing trend.

While there are many disturbing trends in virus and worm development, there are certain issues which experts are particularly concerned about:

1. Companies that provide critical services, such as utilities, transport and petrochemical entities, are interconnecting historically isolated networks with Internet facilities. This results in such networks being attacked and infested with viruses and worms that disable them, which can critically affect infrastructure.

2. Home consumer PCs are being increasingly targeted by viruses, worms and hybrids harnessed for use as part of world-wide malicious "chains" of attack systems (known as Zombies) to effect Distributed Denial of Service (DDoS) and worm attacks against Internet-connected entities.

3. Research and development into new security encoding and methods in base network protocols needs to be accelerated to help offset the continued development of malicious code used to attack infrastructure.

4. Lack of law enforcement actions, globally, in the prosecution and arrest of virus and worm developers. An extremely low number of persons involved in the development and distribution of malicious code are ever identified or prosecuted due to a lack of technical tools, skills and personnel in most law enforcement organizations.

5. Inclusion of basic system and application protection methodologies by developers of same. Basic technologies such as polymorphic checksums and cryptographic signature methods are well known and available. Such technologies could be used by all manner of developers to stop infestations and propagation of these malicious code segments.

6. Failure of senior corporate management to act properly, responsibly, rationally and quickly in the deployment of security technologies to prevent infestations and propagation of malicious code. Too many companies still do not invest in the basics.

7. Acknowledgement that viruses and worms are truly a multinational problem. While leadership by technologically advanced countries is crucial, introduction of viruses and worms into network infrastructure is easily done by the "weakest link" in connectivity - a small country with no laws on cyber-crime, no assets to protect, and no national will or means to prosecute perpetrators becomes the entry point for the world to be attacked. Remember that access to a small country's infrastructure does not require a physical presence - even a dial-up connection from anywhere on the planet will do just fine.

The "cure" for infestations is a long way off and will require partnership with industry and government to solve. Base research in network security improvements, deployment of security technologies, legislative efforts to prevent criminal use of worms and viruses, improvement in operating systems to stop infestations, application-level security technologies, law enforcement prosecution of cyber criminals involved in the creation and distribution of virus and worm technologies, improvement in base critical infrastructure and education and training through all levels of corporations, government and society will need to be combined to come up with effective eradication solutions.

Perhaps the most ironic aspect of viruses and worms is not just the cost to repair or prevent infestation - it's not like biological, chemical or nuclear terrorism where thousands or millions of dollars are required to make such an attack happen. It's just the entry cost necessary to create and distribute worms and viruses:

A PC with an Internet connection.

Copyright © 2008 - Kevin M Nixon. All Rights Reserved.  This document may be reprinted in part or whole with appropriate citation.
