Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cybercrime: From Kudos to Profit Gerhard Eschelbeck, CTO Sophos.

Published byLeonard Webster Modified over 9 years ago

Similar presentations

Presentation on theme: "Cybercrime: From Kudos to Profit Gerhard Eschelbeck, CTO Sophos."— Presentation transcript:

1 Cybercrime: From Kudos to Profit Gerhard Eschelbeck, CTO Sophos

2 What do these businesses have in common ? 2

3 Interpol “In the past, cybercrime has been committed by individuals or small groups of individuals. However, we are now seeing an emerging trend with traditional organized crime syndicates and criminally minded technology professionals working together and pooling their resources and expertise. This approach has been very effective for the criminals involved. In 2007 and 2008 the cost of cybercrime worldwide was estimated at approximately USD 8 billion. As for corporate cyber espionage, cyber criminals have stolen intellectual property from businesses worldwide worth up to USD 1 trillion.”

4 FBI Masses of resources, details of activity. Most wanted page!

5 Cybercrime as a “Business”

6 An Interconnected Economy Source: ENISAENISA

7 Malware central to Cybercrime “...individuals, normally working with others, with the capability to commit serious crime on a continuing basis, which includes elements of planning, control and coordination, and benefits those involved. The motivation is often, but not always, financial gain.” SOCA Organised crime

8 Malware was „Easy“ in the Early Days The Michelangelo Virus

9 Current threat landscape In 1 slide

10 Ransomware Pay ransom to access locked/encrypted files Simple Password protected archives Medium XOR shift Complex RC4 Public key crypto Recover data?

11 Ransomware (cont’d) Reveton: family of ransomware that locks users out of their machine http://www.youtube.com/watch?feature=player_embedded&v=-qR3D-Jx6FQ GEOIP lookup – locale specific lock pages

12 Ransomware (cont’d) Additional tricks to socially engineer victim. Fear factor.

13 PoS Malware - Troj/Trackr Umbrella detection name for all Point of Sale (PoS) RAM scraping malware. Includes: Alina, Dexter, VSkimmer, Kaptoxa, Chewbacca, etc. Troj/Trackr-* steals payment data from the RAM of PoS systems. Adds socially-engineered filenames, network functionality, bots, packed etc. Installed DLL version – malicious DLL is registered as a service and performs the RAM scraping. 13

14 Who does Troj/Trackr- target? 14

15 What about Mobile ?

16 Mobile malware growth accelerating

17 Anatomy of a hacked device

18 Crimeware kits ‘Monetization’ : the bulk of today’s threats are automated, coordinated & professional

19 It’s all about traffic Stolen FTP credentials Use sFTP! (should be enforced) Vulnerable software on site Wordpress plugins Image gallery -> upload PHP shell/kit Vulnerable server Patched? 0wned server e.g. Darkleech Compromised sites used to drive traffic. 85% of all bad stuff.

20 Drive-by downloads

21 Crimeware in Action

22 A Global Challenge

23 Reporting a crime YES. See NakedSecurity articles for links to advice.

24 Questions/Discussion? 24 GE@sophos.com

Download ppt "Cybercrime: From Kudos to Profit Gerhard Eschelbeck, CTO Sophos."

Similar presentations

Introduction and Overview of Digital Crime and Digital Terrorism

Introduction and Overview of Digital Crime and Digital Terrorism
The Threat Landscape Jan 2013. 2013 Threat Report 2.

The Threat Landscape Jan Threat Report 2.
Security for Today’s Threat Landscape Kat Pelak 1.

Security for Today’s Threat Landscape Kat Pelak 1.
© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.

© 2014 wheresjenny.com Cyber crime CYBER CRIME. © 2014 wheresjenny.com Cyber crime Vocabulary Defacement : An attack on a website that changes the visual.
Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.

Latest Threats Against Mobile Devices Dave Jevans Founder, Chairman and CTO.
UT Wing Civil Air Patrol. Objective Identify network and cyber vulnerabilities and mitigations Social Media/Metadata/Exfil data MITM Attacks Malware Social.

UT Wing Civil Air Patrol. Objective Identify network and cyber vulnerabilities and mitigations Social Media/Metadata/Exfil data MITM Attacks Malware Social.
Security for Internet Every Day Use Standard Security Practices and New Threats.

Security for Internet Every Day Use Standard Security Practices and New Threats.
Copyright© 2005-2006 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.

Copyright© Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 Tightening the Network: Network.
Wonga example Register Question- What risks do you think businesses face due to IT developments?

Wonga example Register Question- What risks do you think businesses face due to IT developments?
Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.

Trend Micro Deployment Kelvin Hwang IT Services University of Windsor.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
By: Lukas Touder Cortney Warrick Jennifer Wehner Zachary Westpy Nicholas Whelan Cybercrime.

By: Lukas Touder Cortney Warrick Jennifer Wehner Zachary Westpy Nicholas Whelan Cybercrime.
Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.

Internet Safety Basics Being responsible -- and safer -- online Visit age-appropriate sites Minimize chatting with strangers. Think critically about.
Malware Spyware & Viruses Overview  What does it look like?  What is it?  How can you prevent it?  What can you do about it when you get it?

Malware Spyware & Viruses Overview  What does it look like?  What is it?  How can you prevent it?  What can you do about it when you get it?
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Agenda Do You Need to Be Concerned? Information Risk at Nationwide

Agenda Do You Need to Be Concerned? Information Risk at Nationwide
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:

Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Copyright Justin C. Klein Keane Drupal Threat Landscape.

Copyright Justin C. Klein Keane Drupal Threat Landscape.
WEBSENSE ® SECURITY LABS™ 2006 Semi-Annual Web Security Trends Report OWASP Presentation November 9, 2006 Jim Young (301) 512-3350.

WEBSENSE ® SECURITY LABS™ 2006 Semi-Annual Web Security Trends Report OWASP Presentation November 9, 2006 Jim Young (301)

Similar presentations

Ads by Google