Security researchers need to think like cyber criminals in order to anticipate hackers' next targets and attack methods.
This is the view of Bradley Anstis, VP of technical strategy at M86 Security, who says the cyber crime industry generates over $100 billion per year and organisations can no longer accept cyber crime simply as a cost to business.
Anstis will speak at the ITWeb Security Summit to be held from 10 to 12 May at the Sandton Convention Centre.
He will demonstrate a day in the life of a cyber criminal and discuss some of the tools and methods cyber criminals are using, such as exploit kits and banking Trojans.
He will also provide a demonstration of an actual cyber attack and how M86 discovered it.
Anstis' presentation is titled: 'How to beat the recession - become a cyber criminal'. He says the key message of his talk is not suggesting a new career path for IT professionals, but rather how easy it is to become a cyber criminal.
“Since 2007, the security market has grown 41%, and this is compared to cyber crime that has conservatively grown 376%.
Anstis explains that it is a constant cat and mouse game between security researchers and the attackers.
“Ideally, security researchers are able to plug gaps before they are used for attacks, but this does not always happen; look at the problem with zero-day vulnerabilities. Security researchers have to use every tool in their arsenal against cyber criminals.”
He adds that highly-motivated criminals are using tools that are getting easier for anyone to access and use, and this further widens the cyber crime problem.
Anstis says cyber criminals are using exploit kits, which are software applications that allows them to unleash, run and monitor cyber attacks similar to a BI dashboard.
“These tool kits used to have to be installed on servers run by the cyber criminal; often hijacked Web servers. They had to have enough knowledge to install and run these applications but lately we have been observing a very worrying trend.”
Cyber criminals are embracing cloud computing for all the same reasons as commercial organisations are, cautions Anstis.
“The exploit kits are now becoming services that you can easily subscribe to in the same way that you would other cloud applications like Salesforce, as an example. This further lowers the bar to get started as a cyber criminal.”
According to Anstis, the most common way cyber criminals infect a PC is by hijacking a PC for their own purposes, such as a botnet-sending spam. The other method to gain access to a PC is through Web access via a backdoor downloader, which exploits vulnerabilities in the system.
“The top 15 vulnerabilities observed in the second half of 2010 were all patched by the application vendor, often years beforehand and that tells us that we need to do a better job at updating our applications,” he says.
Share