Monday, June 16, 2014

Past, present and future of cybercrime

"It’s customary in the antivirus industry to name viruses not according to how their authors’ named them, but to come up with new names – so as not to fuel the authors’ egos… oh, and maybe stamp our authority all over the conquered viruses!." Here's how Aleks Gostev, Chief Security Expert at Kaspersky, explains why they named "Cabir" the first virus for mobile phones discovered 10 years ago, while its creators had called it "Caribbean."

The first virus for mobile phones detected in 2004 revolutionized the activity of security labs, now a new threat by Israeli researchers promise not to make it easy for security firms. This attack takes advantage of the air-gap network hacking technique to infect systems even if they are isolated from the Internet, previously infecting a mobile phone. The modus operandi works as follows: the hacker sends a seemingly harmless SMS to the victim with a link to a piece of malware especially designed to use this technique. Once infected mobile, the malware can scan the electromagnetic waves of different devices at a maximum distance of 6 meters and manipulate them to create a network connection using FM frequencies so the attackers could install a virus on a computer or server. Although it sounds like science fiction, it could become the worst nightmare for critical infrastructure systems, governments and companies of all kinds.

However, the traditional hacking methods are still valid and, sometimes, still highly lethal. In fact, the fast food chain Domino's Pizza recently acknowledged a security breach on its systems that allowed cybercriminals to access records of 650,000 of its customers in France and Belgium. This criminal group called Rex Mundi, has demanded 30,000 euros to the company to prevent the publication of such information, although it seems that Domino's has not shown any interest in giving in to such extortion.

But Domino's Pizza is not the only restaurant chain that has recently suffered an information leakage. P.F. Chang's has also confirmed that its customers’ credit and debit cards data may have been compromised by a cyberattack on its systems, but it has not provided any further details about the incident so far.

Even Facebook could have become a victim of the evil arts of a hacker who has published a list of about a million email addresses that allegedly belong to its users. However, he does not deserve the credibility of the experts since that same hacker published another document with alleged email addresses from Electronic Arts’ users just some hours before and the company denied that such email addresses belong to any of its databases.

Nevertheless, the disheartening impunity of cybercriminals is been progressively reduced. Indeed, the growth of the illegal activities on the Internet in recent years has led law enforcement worldwide to wake up, to create specialized cybersecurity bodies and to seek agreements to increase coordination across borders. We’ve been witnessing the fruits of these efforts for some time now. It has dramatically increased the number of arrests of cybercriminals worldwide, including recent 97 arrested in connection with banking Trojan "BlackShades", and global operations are often carried out, for example, to disrupt the malicious activity of GameOver Zeus botnet a few days ago.

Do you have any thought to share with us? Tell us on any of our social channels (you have the links at the right sidebar) or here our blog. 


Post a Comment