Tuesday, November 25, 2014

Brian Krebs’ Spam Nation

Computer security journalist Brian Krebs ("Krebs on Security") signed books at Barnes & Noble in Austin on November 24. Spam Nation is really about two nations: Russia and the United States. Two criminal organizations dedicated to online spam and botnets, perhaps the largest in the world, work(ed) from Russia, targeting Americans.

Brian Krebs started his presentation by acknowledging the four years he spent on the project. He then thanked his publisher, editor, and associated researchers, and the cyber-crooks. Both cyber-crooks denied that they were engaged in criminal activity, and both have threatened to sue.

It starts with spam, offers for Viagra, Gucci, and other big name products, especially pharmaceuticals and designer fashions.  The offers themselves are real enough, in that, apparently, millions of people are taking fake drugs and carrying fake handbags. 

About fifty security professionals attended.

However, attached to the offer is malicious software that takes control of your computer. Your computer becomes a zombie following their orders to infect more computers. These networks of robots (“botnets”) flood the Internet with new viruses. According to Krebs, the typical life cycle is 12 to 24 hours. As new creations, the programs successfully challenge anti-virus software such as Kaspersky and McAfee.

Eventually, the two criminals turned on each other. They provided Russian law enforcement (and Krebs) with millions of stolen records. One of them, Pavel Vrublevsky, even got himself appointed to a commission to investigate computer crime. (I note that in that, he was like William Chaloner and John J. Ford, who also played both sides of the game.)

When asked about security tools, Krebs replied that good procedures are the best protection. Rather than trying to keep people out of your network, you need to focus on finding them once they get in. Rather than spending money, sometimes millions of dollars, on tools that no one actually uses, it is better to hire good people to really use the tools your company now has.

Krebs said to keep your personal and professional lives separate.  He recommended partitioning your operations with different computers on different services for different tasks. Have different VPNs (virtual private networks). Use layers of security.

Asked about the threat of a catastrophic attack on our information infrastructure, Krebs said that it is not in the interests of these criminals to harm our economy.  They want us to buy from them.  Disrupting commerce is unproductive.  Krebs suggested that a catastrophic event will come from a Wargames scenario where “some kid in his mom’s basement who will see a big red button and has no social understanding.”

