Encryption Blog
Showing posts tagged with Cybercrime Grit & Grime
Doug McLean | 13 Jan 2009 | 0 comments

Since last we looked in on the government's progress in prosecuting the miscreants that perpetrated the watershed TJX breach, there have been limited developments. In early November authorities charged one Stephen Watt of New York with conspiracy for providing the wireless "sniffer" used to capture millions of credit card numbers as they traversed TJX's unsecured wireless network. If convicted, Watt could spend up to 5 years in prison and be required to pay up to $250,000 in penalties. My guess is he gets off with a much reduced sentence in exchange for providing further testimony against the ring leaders of the conspiracy.

More recently one of the perpetrators that prosecutors believe WAS one of the ring leaders was sentenced last week to 30 years in a Turkish prison on an unrelated cybercrime charge....

Doug McLean | 08 Dec 2008 | 0 comments

Interesting piece in today's Wall Street Journal about President-Elect Obama's decision to appoint a cabinet-level cybersecurity chief. The role as described will be one of those cross-agency coordination jobs that has almost no staff or resources but significant influence given where it lives in the government.

I'm generally pretty suspicious of plans to create a new little piece of the bureaucracy that's supposed to magically solve some massive problem...witness the issues that the Department of Homeland Security has had. In this case, however, a small coordinating body might make a material difference. For legitimate security reasons, we'll never know how much effort is being expended by the various military and civilian agencies to address cybercrime and cyberterrorism. But, I'd bet dinner that the bulk of the work is stove-piped inside each agency. This turns out...

Doug McLean | 01 Dec 2008 | 0 comments

I've believed this for some time, but the author of this post does an unusually good job of describing how cybercrime gangs are now organized. I also really like the parallels Michael draws between cybercrime gangs and their Mafia counterparts.

Like he says, "Let's be careful out there."

Doug McLean | 13 Nov 2008 | 0 comments

An interesting local story appeared in today's San José Mercury News. An ISP that was working under the brand McColo was shut down when its two "upstream providers", Hurricane Electric and Global Crossing, unplugged their links to McColo. This isn't exactly news by itself as these bad actor ISPs posing as legitimate businesses come and go pretty frequently.

Nor was it news that the miscreants behind McColo are probably well beyond the reach of U.S. law enforcement. While their hardware may have been in the heart of the Silicon Valley, the bad guys themselves are evidently in Eastern Europe.

What is shocking about the story is that the minute McColo was offline, Trend Micro observed a 40% drop in spam hitting its customers' filters. Trend's spam filtering products report back to a central point to aid in the identification and blocking of new spam attacks. So they have a pretty good perspective on what's going on across the 'net. But,...

Doug McLean | 20 Oct 2008 | 0 comments

The Supreme Court announced today that they would hear the first case on identity theft to reach the high court. When I first saw the headline I thought great, now maybe we'll get some focus on this issue. Unfortunately, the case itself is only peripherally about identity theft.

The core issue is just how much latitude the court is willing to give prosecutors in pursuing illegal immigration cases. It turns out that one of the legal tactics now being used by prosecutors against those caught in the U.S. illegally is to threaten to charge them with identity theft in order to get them to plead to the lesser charge of entering the country without proper documentation. The case hinges on whether a defendant is aware that the made-up Social Security number or other details they've invented on their fake documents in fact belong to someone else.

It will...

Doug McLean | 23 Sep 2008 | 0 comments

Congress Passes Cybercrime Bill

While the executive branch of the U.S. government was consumed last week with helping the credit markets find a way out of the desert, the legislative branch focused just long enough on cybercrime to pass an important bill.

The House finally passed the Identity Theft Enforcement and Restitution Act and sent it to the president for signature. The bill passed the Senate unanimously in July of last year, but had been stalled in the House behind other "legislative priorities". Though as the 110th Congress has passed fewer bills than any Congress in the years they've kept records, you kind of have to wonder just what those other priorities were.

Still, we should be thankful Congress is finally taking its responsibility to upgrade the...

Doug McLean | 18 Sep 2008 | 0 comments

The U.S. Department of Justice yesterday released the results of a cybercrime survey in which they polled nearly 8,000 businesses about their experience with cybercrime. Not surprisingly, they found that 67% of their respondents had detected at least one cyberattack in 2005 (the period studied). In addition, more than 90% of respondents that had detected an attack acknowledged financial loss as a result. When it came to the specific threats posed by outright cybertheft, only about 10% of respondents claim to have been victimized. What's truly disturbing, however, is that only half of those victimized reported the theft to law enforcement.

Three Thoughts That Struck Me

- If enterprises aren't going to adopt the same reporting standards for cybertheft that they'd have if a thief broke in and raided the...

Doug McLean | 15 Sep 2008 | 0 comments

Damon Patrick Toey pleaded guilty Friday to his role in the TJX breach. The legal strategy being pursued by the prosecution here is pretty clear. Get one or more of the minor players to roll over by promising leniency if they testify against the "bigger fish". In this case the big fish is the purported ring leader, Albert Gonzalez.

We'll be able to tell just how much confidence the government has in its case based on the number of guilty pleas they'll extract from the co-conspirators before they take Gonzalez to trial. If they're highly confident that the body of evidence can get them a conviction, they'll probably only offer deals to one or two others and they'll take Gonzalez to trial rather quickly. If there are holes in the evidence, they'll negotiate with the other perpetrators to see who they can...

Doug McLean | 03 Sep 2008 | 0 comments

A report out of the Identity Theft Resource Center claims that the number of data breaches in 2008 has already surpassed 2007's total of 446. While it's intuitively obvious that the number of data breaches is increasing, I have a hard time putting much credence in the actual numbers reported by the ITRC or the reasons they cite for the increase.

The first problem with counting data breaches is that we all need to admit that the only statistics we see at all are reported data breaches. Until 2003 when California passed the watershed legislation in this field, SB 1386, very few breaches had to be reported and predictably almost none were. Initially, many global enterprises ignored SB 1386 assuming that if they didn't have a presence in California they weren't subject to its requirements. It took a while before most enterprises, particularly those outside of...

Doug McLean | 24 Aug 2008 | 0 comments

Jesper Johansson posted a really terrific piece entitled "Anatomy of a Malware Scam" on The Register Friday. Johansson is an All-Pro security expert and researcher and does a marvelous job of breaking down an extremely complicated scam into terms even most civilians can understand.

He not only explains the computer and social engineering gambits involved in this particular fake malware detection scheme, but analyzes the nature of the team that executed it. There is a LOT of sophisticated software engineering involved in this attack and if you had any doubts that the malware business has been taken over by professionals, this should put to rest any doubts. This fake anti-malware utility is in some ways better designed from a usability standpoint than some of the legitimate tools out there. The problem, of course, is that its real purpose (or at least one of them) is to...