State of Internet Security 2007 Jason Witty - October 9th, 2007 SecureWorld Expo, Detroit.

Post on 13-Dec-2015

Agenda

1. Current state overview

2. Phishing and trojans

3. Tools and data

4. Solutions

Current State Overview

Computer hackers met organized crime 3-5 years ago

Many phishing scams no longer require you to type in your information in order to steal your credentials

Breaking into systems has moved from “geek in a basement” to “13 year old with a GUI”

“Hacking” is no longer the real worry – computer fraud and ID/IP/Trade Secret theft is

LARGE data storage capacity has gotten SMALL

Regulation is helping, but public awareness is still dismal

Recent News

The “RBN” (Russian Business Network) controls millions of Botnet’ed computers on the Internet

The Storm worm alone has compromised 1-10 million PCs

The MPACK kit allows automated compromise of victims' PCs by delivering targeted exploits

Torpig (and other) trojans target eCommerce sites and deliver MitM attacks

New for 2007: 0-Day “eBay”

Sample Tools: Point and Click Compromise

LARGE Data Storage is SMALL

• A single iPod Video (160GB) can store:
– 60,000 photos
– 40,000 songs
– 6,000 videos
– 4,096,000,000 Credit Card Records (Name, Exp. Date, CVV Codes = 40 Bytes/rec)
– 320 Copies of “Back|track” OS and tools
– 160 pick-up trucks worth of paper documents

DiscoverCard has 50,000,000 cards issued

MasterCard has 750,000,000 cards issued

Visa has 1,600,000,000 cards issued

TOTAL of 3: 2,400,000,000 cards issued

Solutions?

End-user / Corp. IP Theft / Criminals

• Public service announcements

• Read-only, trusted operating systems

• Corporate commercials using security as advantage

• Stronger OS controls (Vista, etc.)

• 2FA, not “Strong auth”

• Tougher, internationally recognized penalties

• Better, not more, legislation

• More qualified investigative resources for LE teams

• Public / private partnerships

• “Data Leakage” detection (e.g. Vontu, Tablus, Verdasys, etc.)

• More of the same network, system, application controls

• Stronger OS controls (Vista, etc.)

• DRM and “data level security”

Closing

Back|Track - www.remote-exploit.org/backtrack.html

Top 75 Tools - http://www.insecure.org/tools.html

Packet Storm has tens of thousands of free hacker tools available - http://www.packetstormsecurity.org

WabiSabiLabi - http://www.wslabi.com/wabisabilabi/initPublishedBid.do

Thank you for being part of the solution!
