ISYS100 Lecture Notes - Lecture 5: Online Predator, Identity Theft, Information Processing
15 Aug 2018
School
Department
Course
Professor
- Extended operations
Organised cybercrime
Script Kiddies → Crime Bosses. The paradigm shift from “hack for fame” to “cybercrime for
profit”
- Hackers discover vulnerabilities and sell to the highest bidder
- Crimeware suites created and sold to less technically inclined users
- Crimeware as a service mentality
- Data supplier model
- Pricing profiles introduced
- Credit cards=cheap
- Healthcare info/single logins for organisations = expensive
Criminal economics 101
- Organised crime closely mimics the actual economy
- Regionally-specific and enterprise-specific campaign
- Each attack campaign gathered centrally to sell
- Campaigns managed remotely from these central servers
- Data and asset management is just as essential as in traditional business
1. Boss deploys malicious code package
2. Campaign managers retrieve package and customized as needed
3. Malicious network used to inject package into legitimate sites. Commission-based.
4. Injected code served to users
5. Toolkit affects individual users
6. Infection data sent back to central location
7. PII flows back to boss
Cybercrime Profile: ZeuS
- The ZeuS Botnet
- Example of crimeware toolkit that originates from eastern europe, primarily Russia and
the Ukraine
- Utilises three major components and powerful encryption
- ZeuS trojan
- ZeuS config file
- Specification of dropsite
- Config file defines subnet of target
- ZeuS collects session variables during sessions
- Bypasses auth. Mechanisms and piggybacks session
- Criminals are able to move money to third parties in real-time
- ZeuS Builder provides binary files for constructing a botnet
- How simple is it?
Week 5: Cyber Crime
The Three waves of change
- “The third wave” By Alvin Toffler describes the three phases or “waves of changes”
- First wave
- A civilisation based on agriculture and handwork
- Relatively primitive stage
- Lasted thousands of years
- Luddites opposed technology
- Second wave
- The industrial revolution
- Began at the end of the 18th century and lasted about 15 years
- Third wave
- The information age
- Information becomes the currency
Food for thought
- “The degree of overlap between (organised crime and cybercrime) is likely to increase
considerably in the next few years. This is something that needs to be recognised by
businesses and government as an emerging and very serious threat to cyber-security”
Appeal
- The internet encourages anonymity and is distributed in nature
- Many countries have very few laws addressing cybercrime
- Love Bug Virus
- VB Script that spread via email and corrupted many different file types
- FBI traced the virus to the Philippines
- The increasing growth of e-commerce
Unorganised vs organised cybercrime
Unorganised
- Usually the work of an individual
- Decentralised
- Smaller resource base
- Hit and run mentality/ opportunistic
Organised
- Centralised group of criminals
- Many based in “hostile” nation
- Extensive access to resources/ business connections
Document Summary
The paradigm shift from hack for fame to cybercrime for profit . Hackers discover vulnerabilities and sell to the highest bidder. Crimeware suites created and sold to less technically inclined users. Healthcare info/single logins for organisations = expensive. Organised crime closely mimics the actual economy. Each attack campaign gathered centrally to sell. Campaigns managed remotely from these central servers. Data and asset management is just as essential as in traditional business: boss deploys malicious code package, campaign managers retrieve package and customized as needed, malicious network used to inject package into legitimate sites. Commission-based: injected code served to users, toolkit affects individual users, infection data sent back to central location, pii flows back to boss. Example of crimeware toolkit that originates from eastern europe, primarily russia and the ukraine. Utilises three major components and powerful encryption. Criminals are able to move money to third parties in real-time. Zeus builder provides binary files for constructing a botnet.
