About This Blog

The Content Security Research Team's Mission: Deliver security research and intelligence that educates, supports and strengthens the security community, and drives innovation in our eSafe solutions.

11/05/2010

The Evolution of eCrime


It took almost 40 years to get from the first computer bug in 1947 to the first PC virus in 1986, which marked the beginning of eCrime. Even then, it took more than 10 years for criminals to realize that they could make more money infecting computers than selling drugs. The advent of the Internet, with its easy reach to millions of computers around the world, created endless opportunities for criminals to make money with almost zero risk. They took things seriously, and the sophistication and professionalism of the eCrime we see today would have looked like science fiction just 10 years ago.

Threats Evolution
As the Internet has evolved into the dynamic, collaborative and wide-open Web 2.0, the business of eCrime has evolved along with it. eCrime is now a highly profitable and targeted business model that capitalizes on the weaknesses of an open Web and on people's naïve nature. Carefully crafted, socially engineered spam messages lie in wait for naïve and unsuspecting Internet users, guiding them to infected websites.

The Motive - It’s all about money…
The money making process is structured and thorough:

  • Finding the opportunities
  • Researching security vulnerabilities in the most commonly used applications, such as PDF readers, Internet Explorer, etc.
  • Choosing the tools and methods of operation, usually writing code to exploit security vulnerabilities and inject malware into users' computers
  • Operating and feeding the food chain (through money laundering) by selling exploits and malware to operators that control networks of infected computers (botnets)
  • Making money by sending spam and phishing email via infected computers that are part of the controlled botnet

The Food Chain

  • Cybercriminals pay researchers, who sometimes work as a group, to scrutinize commonly used Internet-enabled applications and find vulnerabilities
  • They then pay code writers to write malware that exploits the vulnerabilities found
  • They distribute the malware by paying people for each infected computer that joins their botnet
  • All this is fueled by selling spam advertising for questionable or bootlegged products
  • This spam is sent out through the botnet of infected computers around the world

Cybercriminals are developing malware that is purpose-built to find its way around traditional security measures. The race will always be between security solutions and eCrime professionals and amateurs: security companies develop new technologies to stop them, and cybercriminals develop new technologies to bypass security.
