Criminal Intrusion Trends

The following contains my summary of the Criminal Intrusion Trends presentation given by the FBI at the 2010 Technology & Homeland Security Forum in Niagara Falls, NY.  First blog here.

This presentation was given by a Special Agent of the FBI, based in the Buffalo field office.  While the presented information was very general, it was obvious the Special Agent knew his stuff.

He recommended deploying multiple security rings or layers, each from a different vendor, to increase the probability of detecting a virus or intrusion.

I learned the FBI will come into your business to determine how your computer security was compromised.  Your business has to qualify for their help, e.g. as a key infrastructure facility (sorry Dominos).

He gave examples of sophisticated cyber crime rings and how they use several steps to move funds from personal, business and NFP bank accounts to unknowing money mules, who transfer the funds to offshore Eastern Bloc countries. They often solicit these money mules with very official-looking job emails from reputable sources to “hire” them.  If it sounds too good to be true, …

He showed some very convincing malware screens, intended to fool a person into unknowingly downloading and installing malware.  One example was a typical XP notice from the status bar to update MS antivirus.  I was fooled.

I learned that 61% of software exploits are through Adobe Reader – the #1 target of attacks.  In second place, 78% of exploits are MS Office, for versions three years out of patch updates.

There’s malware that posts on your friends’ Facebook pages “you look awesome in this video”.  People would open the video (which looks like YouTube), but it would first download a plug-in, which is the infection.

A side introduction was given about InfraGard.  Launched and sponsored by the FBI, InfraGard is a not-for-profit, community-based, cyber-threat-aware association with 400k members and chapters throughout the US.  100 members in Buffalo alone. I was impressed.

They showed a neat tool from VirusTotal.com, where you can upload a suspected infected file. They will automatically scan it with numerous / all available antivirus tools. However, the bad guys use this also.
