Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Encryption Blog
Showing posts tagged with Cybercrime Grit & Grime
Showing posts in English
Doug McLean | 05 Apr 2010 | 0 comments

That headline is not my assertion, but the conclusion reached by the Department of Justice itself. More specifically it's the conclusion of a report by the Department's Office of the Inspector General (OIG). The OIG's charter as stated on its website is below.

The Office of the Inspector General (OIG) conducts independent investigations, audits, inspections, and special reviews of United States Department of Justice personnel and programs to detect and deter waste, fraud, abuse, and misconduct, and to promote integrity, economy, efficiency, and effectiveness in Department of Justice operations.

Typically, the OIG's reports review the finances and activities of each of the Department's nine bureaus.  This particular report, however, reviews the entire Department of Justice's activities around identity theft since President Bush...

Doug McLean | 02 Apr 2010 | 3 comments

The Internet Crime Complaint Center published its annual Internet Crime Report earlier this month. The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA). Some of the numbers in the report this year are just stunning.

While the number of complaints of cybercrime filed with IC3 increased 22% in 2009 compared to 2008, the total dollar losses increased a staggering 111% after four years of being relatively flat.

Annual Cybercrime Losses


Doug McLean | 08 Jan 2010 | 0 comments

One good way to tell if a topic has become mainstream is to monitor USA Today. So I wasn't terribly surprised when I found the lead in the paper's Money section on New Years Day to be focused on the latest trend in cybercrime. It seems that many cybercriminals, frustrated with the countermeasures put in place by larger banks and enterprises are now targeting smaller businesses that have adopted online banking as a way to save both money and and time.

As we all know cybercrooks like to target the weakest link in any system that might yield cash or cash equivalents. In this case, the miscreants have determined that the some of the systems banks use to support smaller businesses have material weaknesses that can be exploited. Specifically, the Automated Clearing House (ACH) systems and wire transfer systems have not kept pace with...

Doug McLean | 05 Jan 2010 | 0 comments

Albert Gonzalez, the mastermind behind the TJX, Heartland and Hannaford Bros. breaches, recently admitted that he was also the perpetrator behind the 2007 breach of Target Stores. While it was a small breach in comparison to his other accomplishments, prosecutors deemed it worthy of adding another two years to the minimum sentence they are requesting.

The Reuters report on the case indicates Gonzalez will now serve 17 to 25 years for his crimes. What I found more interesting than the developments in Gonzalez' case was the mention that one of his co-conspirators, Steven Watt, who was convicted of developing the software Gonzalez used, has been sentenced to two years in prison for his contributions to Gonzalez crime spree. He also gets to spend an extra three years having all of his computer and Internet activities "monitored."

The reason I think this is...

Doug McLean | 02 Dec 2009 | 0 comments

The decline in the newspaper business has already killed some major publications, but for some reason has not (yet) killed off the category of publications known simply as "Advertisers." These are the free publications that typically carry three to four local stories each day, a few dozen syndicated features and lots and lots of ads for local businesses.

We have a couple of these publications in my neighborhood including one entitled the "Daily Post." In a cover story today, they reported that local police stopped a car early Sunday morning and in it found:

"...receipts, unopened mail, doctor's bills and checkbooks belonging to residents in Pleasanton, Menlo Park, Fremont, Atherton, Redwood City and Mountain View."

"If that wasn't enough,...

Doug McLean | 08 Nov 2009 | 0 comments

Most readers of this blog are aware of the unholy alliance between the world's spammers and cybercriminals. This partnership is based upon the spammer's ability to present scams to millions of innocent users on behalf of those the crooks that would defraud them. The work of these two groups of miscreants most typically presents itself as phishing attacks on individuals and more recently spear phishing attacks of target corporations.

So it was with some interest that I noted two headlines in the data security trade press this week. The first was the verdict handed down to the self proclaimed "King of Spam," Sanford Wallace. A judge in California ordered Wallace to pay Facebook $712 million in damages for sending bogus emails to Facebook users. While it's a another...

Doug McLean | 02 Oct 2009 | 0 comments

It's been more than a month since my last posting and it's been surprisingly quiet on the cybercrime front since the Albert Gonzalez plea deal was announced. There have been a few new stories like this one in Network World summarizing how organized crime, mostly Russian, is taking over the global cybercrime industry. Followers of this blog will find nothing new in these stories other than the fact that nearly all major news outlets now seem to view cybercrime as a 'beat' requiring regular reportage.

There were, however, two smaller developments of interest. The first was the discovery that a Russian syndicate had offered a forty three cent "bounty" for every infected Macintosh a user could deliver. It's an interesting case on two fronts. First, it points out...

Doug McLean | 24 Aug 2009 | 0 comments

Doug McLean - Blogmeister

Readers of this blog know that I've been following the case against Albert Gonzalez, the alleged mastermind behind the TJX breach. Last Monday came the shocking news that the Justice Department has concluded that Gonzalez also led the teams that breached both Heartland Payment Systems and Hannaford Bros. Supermarkets. Think about that for a minute, we've now traced three of the largest data breaches in history to the "vision" and leadership of a single man. Gonzalez is currently incarcerated in Brooklyn, NY where he's awaiting trial for allegedly perpetrating the comparatively modest breach of Dave & Busters Restaurants.

We've also learned that Gonzalez and his colleagues did not attack companies at random, but selected specific Fortune 500...

Doug McLean | 18 Aug 2009 | 0 comments

Doug McLean - Blogmeister

The Washington Post broke an interesting story just before the Independence Day holiday about the issues the National Security Agency (NSA) has encountered in deploying their latest cyberdefense system. The Post requires a log-in to view the story, but the Wall Street Journal also covered the topic in more depth and it’s open to all to read, which I strongly recommend to anyone that cares about cybersecurity.

The basic story runs as follows. The Bush administration chartered the NSA with developing a comprehensive solution to both detect and block cyberattacks aimed at federal networks. The system, named Einstein, was originally deployed in 2002, though the functionality of the system was limited to intrusion detection, no countermeasure...

Doug McLean | 14 Aug 2009 | 0 comments

Most of the news coming out of the Black Hat conference in Las Vegas focused on the new attack on AES and the bootkit attack on the TrueCrypt full disk encryption product. While these are certainly compelling pieces of research, I also found the reviews of the session on Russian organized crime to be quite interesting. The session was co-hosted by the FBI and McAfee and focused on the causes and consequences of the old line Russian criminal gangs entering the cybercrime business.

Make no mistake, these guys are not hackers that just happen to have turned to the dark side. There's not really a Russian mob so much as there is a mob that happens to be Russian. Russia has a long history of organized criminal gangs that go back to the...