
Pulling together to beat the bad guys – why the fight back starts here

When will we finally win the war on cyber crime? It’s a question that many people may be wondering given that the war itself has been rumbling along for more years now than most can probably remember. The problem is that there’s unlikely ever to be a unanimous victor – the best that we can hope for is to limit the capacity of the bad guys to cause trouble as much as possible. But if we’re going to do this we’ve got to pull together like never before.


Cyber crime has evolved into something much more dangerous, more global and more pervasive than anyone could have possibly predicted 20 years ago. Gone are the script kiddies, spreading fairly innocuous viruses from their bedroom laboratories. Our foe now is well-resourced, highly organised, geographically dispersed and incredibly agile. Cut off one head of this virtual cyber hydra and two more spring up in its place – as long as there’s money to be made or advantage to be gained, cyber crime will flourish.
In more recent years, technology has democratised the means to launch cyber attacks, making it no longer the preserve of technical experts, while at the other end, advanced persistent techniques have made some attacks more sophisticated and difficult to spot than ever before. A vast and highly organised underground infrastructure has evolved to give criminal gangs everything they need, from the web hosting, to the malware, to the compromised networks of computers (botnets), to even money laundering services. It’s all there to support cyber crime on an industrial scale.


These efforts are not just aimed at draining your bank account anymore, either. Increasingly sophisticated attacks are targeted at critical infrastructure organisations – banks, utilities, energy companies, governments – to blackmail them or steal information which could give private competitors or rival states an advantage.


We rely so much these days on the internet, and the cloud computing services built on top, and the bad guys know it. As more of the world comes online and our dependence on the cloud increases, we can only expect greater and greater volumes of attack and sophisticated new techniques for stealing our data and disrupting our infrastructures.


In the face of this onslaught, the only effective way to fight back is to build a coherent, collaborative, proactive response. In the past, efforts have been held back by the geographically dispersed nature of internet crime, the reluctance of governments to engage and a lack of available resources.

Happily, that’s no longer the case. In 2011, the International Cyber Security Protection Alliance (ICSPA) was formed – a not-for-profit body with a mission to facilitate dialogue and information sharing across government, law enforcement and business, as well as providing direct support to those agencies or governments who lack the knowledge or structures to be an effective player.
Trend Micro is proud to be one of its founding members alongside companies like Visa Europe, Atos and Shop Direct Group, and we welcome the ICSPA’s strategic partnerships with the likes of Europol and City of London police.


Building on its work, the ICSPA has announced Europol will be leading its Project 2020 initiative – a comprehensive study into the future of cyber crime drawing upon the resources of its ICSPA members and international law enforcement teams.


It’s a great initiative which will look to raise awareness of what the future looks like, providing guidance on defence tactics for governments, firms and citizens.


Cyber crime evolves incredibly quickly and it needs the co-operation of all internet stakeholders – information security vendors like Trend Micro, IT professionals, academia, law enforcement, national governments and businesses – in order to provide a coherent and effective response.


There’s no telling what the cyber threat landscape will look like by 2020, but in the meantime if we work together to improve our knowledge and awareness we can begin to take the fight to the bad guys.


The fight back starts here.


Tony Larks

About Guest blogger Tony Larks:
Tony Larks is Vice President of Global Consumer Marketing at Trend Micro. Tony has extensive experience in networking, business development and marketing. He is a frequent contributor to Trend Micro Fearless Web and lives in Marlow, Buckinghamshire, which is located 60 kilometers west of London in the United Kingdom.



D(NS) Day – Nobody home?

The DNSChanger malware modified the local DNS settings of an infected PC. This meant that criminals could assume control over the DNS resolution of the victim computer, effectively redirecting it to any destination of their choice rather than, for example, the bank or search engine the user originally intended to visit.
This ability was used primarily for click fraud by the Esthosts gang, redirecting searches and sites, to generate revenue by defrauding advertisers and advertising networks.
PCs that are still infected by the malware, or whose settings have not been corrected even after the infection was cleaned up, are still querying those criminal servers. The FBI have been operating those servers since the warrant was executed, but their right to do so has now expired and the servers will be shut down. This means that any queries from those 300,000 computers will fall on deaf ears and, to all intents and purposes, the web will go dark for the affected users.
At the time when Trend Micro co-operated with the FBI in bringing the Esthosts gang to justice, we believed about 4 million PCs to be affected. This number has since dropped to about 300,000 and this should be considered a success. However, with the definitive shut-off of the criminal DNS servers today, those 300,000 people face a potential total loss of web access.
If you’re reading this, you’re ok, but if your neighbour comes to your door asking who broke the Internet, now’s your chance to play knight in shining armour. And if you work on an ISP help desk… May the force be with you!
