Criminal Intrusion Trends
The following contains my summary of the Criminal Intrusion Trends presented by the FBI at the 2010 Technology & Homeland Security Forum in Niagara Falls, NY. First blog here.
He recommended deploying multiple security rings or layers, each from a different vendor, to increase the probability of detecting a virus or intrusion.
I learned the FBI will come into your business to determine how your computer security was compromised. Your business had to qualify for their help, e.g. a key infrastructure facility (sorry Dominos).
He gave examples of sophisticated cyber crime rings and how they use several steps to extract funds from personal, business, and NFP bank accounts to unknowing money mules who transfer the funds to off-shore east-block countries. They often solicit these money mules with very official-looking job emails from reputable sources to “hire”. If it sounds too good to be true, …
He showed some very convincing malware screens, intended to fool a person into unknowingly downloading and installing malware. One example was a typical XP notice from the status bar to update MS antivirus. I was fooled.
I learned that 61% of software exploits are through Adobe Reader – the #1 target of attacks. In second place, 78% of exploits are MS Office, for versions three years out of patch updates.
There’s malware that posted on your friends’ Facebook pages “you look awesome in this video”. People would open the video (which looks like YouTube), but it would first download a plug-in, which is the infection.
A side introduction was given about InfraGard. Launched and sponsored by the FBI, InfraGard is a not-for-profit, community-based, cyber-threat-aware association with 400k members and chapters throughout the US. 100 members in Buffalo alone. I was impressed.
They showed a neat tool from Virustotal.com, where you can upload a suspected infected file. They will automatically scan with numerous / all available antivirus tools. However, the bad guys use this also.