Ausinnovate Eric Olson Cyveillance inc

24 May 2010

Implications of Ubiquitous Broadband for

Cyber Crime Eric Olson, Vice President

Cyveillance, Inc.

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Overview

• Definitions: Relevant areas of Cyber Crime

• General impact of ubiquitous broadband (UBB)

• Implications: How UBB changes the criminal opportunity

• From Implication to Prediction: What’s likely to happen

• Case Study: A Red Team Exercise

• Recommendations

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Relevant Areas of Cyber Crime

• Phishing and Identity Theft

• Data theft and industrial, international espionage

• Infection/compromise of servers and PCs, for:

– Spamming

– Criminal Hosting: Malware, fast flux, illegal content, Phishing, etc.

– DDOS attacks and Cyber Extortion

• Libel, defamation, character assassination, disinformation

Nearly every common aspect of online evildoing is accelerated

by widespread, high speed access.

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

What happens in a UBB environment?

• Downloads are faster

• Mass hardware upgrades will likely follow

• Upload speeds are faster

• It’s always on

• Prices fall, open/public access grows rapidly

• Home and SMB use of WiFi explodes

The facts are obvious, but we’ll consider why each matters.

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Implications of those differences

For cyber criminals, these changes have powerful implications.

• Hot to Bot – Instant appeal for the Bot-herder

• Why fast upload and download speeds = more data theft

• “Cyber Street Crime” – A lot of cyber crime is actually

local to the victim

• Totally New Problems: Some crimes essentially don’t

exist without broadband

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

From Implication to Prediction

Hot to Bot – Let’s remember, botted machines are a means to

an end. What makes a PC useful to the zombie army?

• IF Botnets are used for spamming, DDOS, hosting, etc.

• THEN slow machines and pipes are of little use to bot.

• SINCE Faster pipes mean fun new capabilities,

• AND mass hardware upgrades inevitably follow

• RESULT is that environments that held little appeal for

infection will be targeted (i.e. ideal drone machines)

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

From Implication to Prediction

What does high-speed download mean? P2P use explodes,

and with it, both inadvertent and malware-driven data loss.

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

From Implication to Prediction

Source: http://www.theregister.co.uk/2010/01/25/oil_companies_attacked/

What does high-speed upload mean? Data exfiltration

happens must faster, machine performance suffers less.

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

From Implication to Prediction

With public (and badly secured) private WiFi everywhere, UBB

is an accelerant for Cyber street crime.

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

From Implication to Prediction

New Problems – some things basically don’t happen without

broadband. With UBB, expect them to grow exponentially.

Three simple examples just for illustration:

• Virtual World Crime

• Information/Disinformation Campaigns

• High-End Social Engineering

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Virtual Worlds, Real Crimes

From theft of in-game property to MMORPG sweatshops and gold-farming slavery, virtual worlds bring a host of new appalling activities for which laws may not even have a name, let alone a framework to prosecute.

Source: 1up.com - http://www.1up.com/do/feature?cId=3141815

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Free Speech or Untraceable Slander?

Anti-corporate or political activism once took resources, lobbying, publicity, money.

Today, any teenager with a Mac can make professional grade videos in minutes and garner an audience of thousands.

Source: youtbue.com

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

High-End Social Engineering

Long gone are the days when a stolen bank login or eBay

account constitute a sophisticated attacks.

Today’s truly high-end attacks share key aspects:

• The stakes are huge but illiquid

• The stolen data are extremely high value, but only to a

small group of people

• Very specific victims are researched by online footprint

and social networks. Both the social networks and the

targeting done on them are enabled by UBB

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Case Study – Red Team Exercise

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Case Study – Red Team Exercise

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Case Study – Red Team Exercise

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

We’re not making this stuff up…

Implications of Ubiquitous Broadband for Cyber Crime

Eric Olson – Cyveillance 24 May 2010

Recommendations

Understanding the implications of UBB can help individuals,

agencies and companies prepare for the challenges ahead.

Get proactive on every level

1. Awareness and Training – Entities, teach your staff

about risks to data, privacy, systems and customers

2. Policy – Prepare guidance for networked employees

3. Monitor – Understand “Internet Footprint” and monitor

yours to minimize risk

4. Governance – Legislators, security and elected

officials, plan for the challenges coming in a UBB world