Thursday, June 4, 2015

Are cyber criminals as clever as it seems?

Most relevant news today allow us to do something quite unusual: a monograph. Specifically, a monograph on cybercriminals intelligence. Are we overestimating them? Could it be that their tactics work because we are playing the fool? We will value it while we read an interview with the manager of a black market bazaar, inquire into the online life of a cybercriminal, analyze the poor 'cybersec' habits at work, and get to know about a 'made in Spain' hack.

When we think on Deep Web's black market we imagine a world controlled by powerful and terribly intelligent mafia organizations worldwide. But, a few days after the sentence to life imprisonment to the creator of the Silk Road bazaar, we find an interview with the administrator of another bazaar, more modest, where you can buy from exploits to drugs. The black market is a murky place where the gangs are fighting one another in DDoS battles, where kids and not so kids try to make a populated village and take off someday with the benefits. Are they ready and serious? Nothing. Rather cunning and thieves.

It is the same case as the creator of the malware Rombertik, which destroys the computer where it stays if someone tries to analyze it. A "sophisticated" virus, according to experts. But its creator is not so: a young man of 30 years from Nigeria, Kayode Ogundokun, very active on social networks. According ThreatConnect, Ogundokun had no interest in their cybersecurity, did not hide his steps and even gave his address and phone number showing videos on Youtube... It is certainly not the first case of an expert on malware and botnets that is caught for not protecting himself.

This clear. Sometimes we are victims of cyber criminals and it's not because they are smarter than us, as can be seen. It is because we sometimes do silly a lot. Blue Coat Systems has conducted a study with 1,580 employees in 11 countries: all of them surf inappropriate websites, including adult content; download forbidden apps and endanger their personal and corporate data.

Finally we want to point out another reason for our security problems: some companies believe that the user is foolish, so they give totally closed systems, which can not properly be configured to improve security, or just to change the password. About this is an excellent technical text that recounts the odyssey of a Spanish hacker when he challenged to access the settings and update the firmware of a router that a well known ISP offers its customers.

Spanish hackes and researchers, nothing to envy to rest of the world. This last research is a good example of this.


Post a Comment