Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Evil Geniuses<br />How organized cybercriminals could take over the world<br />Hillary Lipko, 1st-year MSPP<br />CS  6725 ...
Questions to answer<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Now!<br />
What’s going on? Who are these guys?<br />The profile of the “typical” cybercriminal has changed.<br />The motivation behi...
Who are the stakeholders?<br />Everyone.<br />The “bad guys”<br />Malicious programmers/hackers<br />Organized crime<br />...
Who are the “organized criminals?”<br />
Who are the responders?<br />
Who are the responders?<br />
Who are the responders?<br />
A side note about hackers…<br />Hackers<br />Criminals<br />Organized cybercrime<br />Computer criminals<br />Entrepreneur...
Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Now!<br />
What are the threats?<br />Identity theft<br />Fraud<br />Trafficking<br />Extortion<br />Cyberterrorism<br />Compromised ...
So about those bots…<br />(a.k.a “internet bots” or “web robots”)<br />Software applications that run automated tasks over...
What are the means?<br />Botnets<br />DDoS, access number replacement<br />Spyware<br />Spam, adware<br />Click fraud, fas...
Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br /...
Why computer crime?<br />It’s quick; it’s easy.<br />Low risk<br />Better ROI<br />Not location-reliant<br />
Why is this a problem?<br />It’s quick; it’s easy.<br />Can be hard to trace<br />Expensive to prevent inexpensive attacks...
Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br /...
So where are the bad guys hiding?<br />Everywhere.<br />Depressed economies and transitional governments<br />Russia, Chin...
Where do they come from?<br />Traditional organized crime is a business.<br />Political unrest<br />Poor legitimate econom...
Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br /...
How does organized cybercrime work?<br />Malware and botnet marketplace<br />Financing<br />Complacency<br />
How do we protect against these threats?<br />User vigilance<br />Honeypots<br />Proactive threat response<br />
How can we respond to incidents?<br />Black holes<br />Tracing<br />Blocking<br />Clean & patch<br />Escalation?<br />
Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br /...
Questions?<br />
Upcoming SlideShare
Loading in …5
×

Evil Geniuses: How organized cybercriminals could take over the world

1,014 views

Published on

A security-oriented overview of organized crime on the internet and their use of botnets, malware and spyware.

Includes partial transcript.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Evil Geniuses: How organized cybercriminals could take over the world

  1. 1. Evil Geniuses<br />How organized cybercriminals could take over the world<br />Hillary Lipko, 1st-year MSPP<br />CS 6725 – Information Security Policies and Practices<br />22 October 2009<br />
  2. 2. Questions to answer<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Now!<br />
  3. 3. What’s going on? Who are these guys?<br />The profile of the “typical” cybercriminal has changed.<br />The motivation behind criminal activity on the internet has changed.<br />Malicious hackers are getting organized and “The Mob” wants in.<br />
  4. 4. Who are the stakeholders?<br />Everyone.<br />The “bad guys”<br />Malicious programmers/hackers<br />Organized crime<br />Rogue governments<br />The “good guys”<br />Typical users<br />Security professionals/law enforcement<br />“Us”<br />
  5. 5. Who are the “organized criminals?”<br />
  6. 6. Who are the responders?<br />
  7. 7. Who are the responders?<br />
  8. 8. Who are the responders?<br />
  9. 9. A side note about hackers…<br />Hackers<br />Criminals<br />Organized cybercrime<br />Computer criminals<br />Entrepreneurs<br />Scam artists<br />Software developers<br />
  10. 10. Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Now!<br />
  11. 11. What are the threats?<br />Identity theft<br />Fraud<br />Trafficking<br />Extortion<br />Cyberterrorism<br />Compromised infrastructures<br />Warfare<br />
  12. 12. So about those bots…<br />(a.k.a “internet bots” or “web robots”)<br />Software applications that run automated tasks over the internet<br />Not all bots are bad<br />Spiders<br />IRC bots<br />Chatterbots<br />Game bots<br />
  13. 13. What are the means?<br />Botnets<br />DDoS, access number replacement<br />Spyware<br />Spam, adware<br />Click fraud, fast flux<br />Discussion communities<br />Communication<br />Marketplace<br />
  14. 14. Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br />Now!<br />
  15. 15. Why computer crime?<br />It’s quick; it’s easy.<br />Low risk<br />Better ROI<br />Not location-reliant<br />
  16. 16. Why is this a problem?<br />It’s quick; it’s easy.<br />Can be hard to trace<br />Expensive to prevent inexpensive attacks<br />Borderless by nature<br />
  17. 17. Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br />Now!<br />Cheap +effective<br />
  18. 18. So where are the bad guys hiding?<br />Everywhere.<br />Depressed economies and transitional governments<br />Russia, China, North Korea, Iran, etc.<br />Dark corners of the internet<br />
  19. 19. Where do they come from?<br />Traditional organized crime is a business.<br />Political unrest<br />Poor legitimate economic opportunity<br />Greed<br />
  20. 20. Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br />Now!<br />Everywhere<br />Cheap +effective<br />
  21. 21. How does organized cybercrime work?<br />Malware and botnet marketplace<br />Financing<br />Complacency<br />
  22. 22. How do we protect against these threats?<br />User vigilance<br />Honeypots<br />Proactive threat response<br />
  23. 23. How can we respond to incidents?<br />Black holes<br />Tracing<br />Blocking<br />Clean & patch<br />Escalation?<br />
  24. 24. Questions to answer<br />Everyone<br />Who?<br />What?<br />When?<br />Where?<br />Why?<br />How?<br />Robot takeover<br />Now!<br />Everywhere<br />Cheap +effective<br />LOLcats<br />Listen to the bunny<br />If we knew, we wouldn’t be here<br />
  25. 25. Questions?<br />

×