How to fight cheap malicious hack tools (methods that are not available in any IT Courses)

Reading another shocking note posted on our IT Professional Linkedin Group

(available at their blog here:

https://infosecisland.com/blogview/4160-CRiMEPACK-Zombie-Exploit-Gets-Upgrades.html )

about another easy and cheap way that criminals

can use to hack their way into your precious data, I was thinking

How can we turn this unsolveable situation around?

Here is what I cam up with…let me know what you think…

The main question for us, the good guys is how can we fight that
“ease of use”.

Looking at it from the Sun Tzu’s “Art of War” point of view
and employing “go where the crowds aren’t” and
“if you can’t fight them, confuse them”…

I’d say maybe instead of defending, maybe we should create programs that
feed false data into malicious programs.

Only “authenticaed” processes will get feeded with real data.

Not easy at all, and requires a major mind shift, but maybe worth a look at…

Another option is to spread “malicious” copies of the malicious software that
once activated, reports all the details and activity of the operator.
Let them taste a bit of their own food!

Anyway, my way out of this massive problem, is “if you want to beat them,
think like them” (like done in the wonderful “Ender’s Game” book).

Let me know what you think…

P.S.

Here are links to Audio copies of Sun Tzu’s “Art of War” and free Audio book Coupon:

Bookmark It

Hide Sites

I was doing my regular daily security alert review when my eye caught this message:

Hackers have used advanced SEO (search engine optimization) techniques to have

their link appear on top of Google search results for searches related to “labor day”.

Imagine this: You live in the US, you just got your labor day vacation rolling, you pick up

a cool bear from the frig and head on to your laptop to stroll around the web, looking

for labor day deals. You always tend to buy when you are on vacation…right?

And then you see this nice link in Google search, click on it, and damn! It takes

you to web page warning you that your computer is infected with Viruses.

It then invites you to download a new Anti Virus – the best they have.

All this happens as you are pooling your credit card to get ready and buy something.

Shi*** you say, I can’t put my credit card online if I have a Virus.

Why didn’t that damn Anti Virus program I have warn me about that Virus.

And then you might actually download the new Anti Virus mentioned there and actually

get a Virus or a Trojan installed on your computer…

There are many reports showing that a large percentage of malicious computer programs

are built and set to gather personal data that will be used later on by organized crime

groups – yeh, people used to call it the “Mafia”.

My question to you is, how many times you think the Mafia takes Google each week?

How would you teach your friends get protected from those threats?

Maybe tips such as:

1. Consider shopping in web sites you already know and have in your bookmarks.

2. Even if you use Google or other search engine to look for deals, write down the details of the deal

and then search those details in the specific site they belong to (eBay, Best Buy, whatever)

3. Use tools that I sent you in the past such as Mcaffee Site Advisor.

4. Do not ACT according to websites you visit accidentally if  they warn that your computer is in danger.

I do not know a legitimate site that would do that. If you have concerns about your Anti Virus,

try out a new one, by looking in Computing Magazines

How should Google fight this using its IT Infrastructure?

Maybe incorporate Fraud Detection Tools in its search engine filter?

Create partnerships with Security Firms?

Start viewing its customer’s security as important as its search relevancy?

What do you think?

Bookmark It

Hide Sites

Computer Forensic…Computer Investigation…Forensic Cases…

It is always about some geek wearing old style clothes,

3-days beard, glazing eyes, lots of half eaten pizza remains around, empty

cans of beer scattered around and a refrigerator that looks like the dump bucket.

And then a beautiful young lady knocks on the door, asking for help

in her X-files type of investigation.

Our geek hero always knows how to get the critical data of the disks, camera

phone, printer, remote server, whatever.

Our hero knows how to break in, decrypt, analyze, summarize, save the girl

in the last moment from a crashing car, and drink some more beer.

Computer Crime resolved. End of Forensic Case.

But those days information is much more in a new set of locations…

Facebook, linkedin, twitter, web hosting sites, wordpress.com and

a bunch of other social media sites and services.

Well, our Hero says as he swallows another pizza, it is all out there!

All the information is there…anyone can look into web2.0 data…that’s

the whole thing about Web2.0.

Well…not sure about easy…that is why;

• People can have many identities
• Each Web 2.0 has a separate privacy policy
• Each Web2.0 service maintains or backups data differently
• It is easier to frame somebody innocent using Web2.0
• Web 2.0 data changes, moves and morphs all the time
• Web 2.0 data takes too much space to handle
• There are traffic limitations in trying to extract data
• Web 2.0 services are not stable in some cases
• You are messing not only with the service provider…you could be messing with the community

And on top of all that .. imagine how a public persona Computer Crime investigation over

web2.0 properties would look like to the Web2.0 community and providers…they

might see it as a major risk to their own well being and existence…

Nevertheless, Web 2.0 Computer Forensics use against Computer Crime is a field

all of us should look into more carefully.

Bookmark It

Hide Sites

Here is a post I have written some time ago, and left it on some forgotten blog.

Now I am reusing it to get our teeth chewing a bit at a nice subject

Every one is concerned about privacy – right ?

Its the right thing to do. And rightfully so.

Any web site you enter gives you the privacy speech, just before you give away your details.

Every one wants you to know they do their best to protect your privacy.

But is this really working for your best interest?

Sure, you don’t want some people to know what you are up to, here and their.

You don’t want any crazy people be able to track you down.

But looking at this from the other way around – it actually means ANYONE

you are in contact with, could be exactly that bad person you didn’t want to have any deal with,

at the first place.

Why ? Because he has his privacy protected, just as you do.

Staying just their, at the other side of the mirror, another option arises.

Maybe if we have each one of us identified very accurately, we could know who we are dealing with…

Maybe if we could create groups including only people and companies that are identified dropping

all that privacy mambo jumbo, we could have our email infrastructure automatically filter any SPAM it gets…

Maybe if we know whom we are buying from at eBay, we can feel more confident of the person behind that virtual store…

Maybe if we knew who is really on the other side of the ICQ chat, we could feel our kids are safer…

Take a look at projects such as http://openid.net/ and http://www.trustplus.com/

I believe they are pointing in that right direction…

When all of us have an identity on the net,as we do when we go shopping in the

Supermarket near our home, it will bring the internet to many more people.

They will feel safer.

Cause when they go shopping in the near by mall, they can choose to buy from someone they know.

Sure, anyone you meet on the real world can have a dark side you are not aware of.

But dealing with people on the internet who have no identity, is like buying from a person

at the mall who has his face covered with a mask.

Yep, there is money to be made here. If you have any doubt, pick any of the recent research people

showing how many persons are afraid to do their purchases online.

Yes the number online shoppers is increasing, but there are yet too many who are in fear of getting scammed.

And even those of us who are living on the internet know: we are not as much safe as we would like to be.

Is having real identity going to solve all our problems ?

Nope – having people identified, does not provide us with 100% security in the real world as well.

But why should we give up this security measure on our new way of leaving – on the internet.

And when someone does not want to identify himself on the internet, that’s fine.

We simply do not have any deal with him.

When this person finishes his private business he can make use of his real identity again and then

we are back in business.

So every one could be happy.

Just as in the real world.

Right ?

Do let us know what you think…

Bookmark It

Hide Sites