
Cybercrime Never Sleeps


You just had a big anniversary weekend in the city - packed the kid off to grandma’s, drove into town and parked for the night at a four-star hotel. Had a wonderful dinner, watched George Winston in concert at a beautifully renovated theater, went for drinks at a legendary bar and then back to the hotel with a room special enough to relive your wedding night. Welcome to the comfort of middle America, the dream of our generation.

What you missed, however, was the darker half of society. Your car didn’t get stolen from the parking garage, but two others did. You didn’t realize the waiter has a cocaine problem hiding under that starched white shirt. Your leisurely walk to the bar was not marred by a junked-out kid, but the couple down the hall from you at the hotel did give up their cash and jewelry to him. At least one of the stylish women at the bar was an escort, and the bartender took home a few credit card numbers.

You didn’t see this half of society because you were lucky and, quite honestly, you weren’t looking. You may have been nodding your head up to this point, though, because while you didn’t experience it, you do know this seedier side of life exists; it just seems so remote.

Remote, that is, until you’re the victim.

The probability of experiencing a crime is remote, just 3.3% (according to the US Government’s Disaster Center). We can put a name to it and understand its cause and effect on society.

While you enjoyed the city, your 12-year-old son spent the weekend in his version of middle American bliss, with Grandma. As is the duty of grandmas everywhere, she spoiled him with too much food and a late night. Also, being a bit more progressive than most grandmothers, she let him spend far too much time on her 2-year-old Dell desktop computer.

Your son’s PC time included surfing the Web, playing on-line video games and wandering to a few of the ‘racier’ sites that he would never get away with at home – boys will always be boys.

Unfortunately, grandma’s computer is just a bit out of date. The factory-installed virus protection software expired last year, and her version of Internet Explorer missed the last few automatic patches.

In the two hours of his web surfing, your son encountered six infected websites that attempted to install malware on grandma’s computer. Two of the attacks came from the ‘racy’ side trips, one came from a site that claimed to be able to help your kid with ‘cheats’ for his on-line video game passion – but the other three came from sites that most of us would consider safe. Your son had no idea he was the target of any attacks.

On the bright side, four of the malware attacks were repulsed by Grandma’s virus protection software that, while old, could still handle some of the older types. The other two malware attacks were a study in today’s cyber crime underground, though. The first made it through the aged virus software and lodged itself firmly into the Dell’s operating system and hard drive. It would take an expert even to detect its presence, let alone remove it.

The second attack was built by a Korean hacker whose goal is to build a huge network of bots (web robots), creating a botnet (a collection of compromised computers) to become his ticket to cyber crime-funded financial freedom. This second malware assault immediately identified the resident bot from the first attack and in a few microseconds neutralized the first (yes, a literal attack and killing occurred), then snuggled into the void left by the first bot. Once again, your son was oblivious to what had occurred.

When your son went to sleep that night, Grandma finally got a chance to sit down, watch a little TV and check her email (as I said, a progressive lady). One of the emails, from Citibank, warned that her account was about to expire and asked, Could she please just verify her account information? Sadly, Grandma was being phished. She went to the bogus website noted in the email (if asked, she would have said it looked so real) and entered her Citibank login credentials.

Before we feel bad that Grandma fell for the phishing scam, we should note that the new bot her grandson invited into her life was now recording her every keystroke and texting it to its bot herder in Korea. Grandma’s bank credentials, and every other on-line financial account she has, would have been toast before long anyway.

In the middle of the night, the bot on the old Dell was awakened by its Korean command-and-control network and became part of a Distributed Denial of Service (DDoS) attack on the Bank of America – one of 6 million bots that participated.

So as to not waste spare bot time, the Dell also was instructed to send out a spam email every 10 minutes. The email even you might have received (from the personal attorney to the late Capt. Peter Force, a German national, about the boxes of gold) may have come from Grandma’s computer, or the nice grade school teacher in Idaho. Most spam messages are sent from bot-controlled zombie computers. In fact, the Rustock Botnet was sending as many as 13.82 billion spam emails each day before it was taken down in March 2011 by an effort headed by Microsoft in cooperation with authorities and the legal system.

Oh yes, Grandma’s Citibank account information was sold on the cyber black market that same night 18 times at $100 each time (the hacker never considered lying about his buyers being the only ones; there is no honor among thieves). Grandma’s soon-to-be-collected credit card information will be sold for $10 each, and her identity will have been stolen before the end of the year. It will be a hard year for her.

Unlike the parents, Grandma and the kid were unaware of the seedier side of society they came into contact with that evening: the cyber world.

Unlike the physical crime we can identify and understand, cyber crime is absolute magic to us. We cannot touch it and often wouldn’t have the faintest idea of how to identify, avoid or report it.

Chances are you will never be mugged and your car will never be stolen. But your computer is being attacked every day, and you are the recipient of ever-evolving phishing emails. The 2011 Norton Cybercrime Report estimates the total cost of cyber crime at $388 billion per year. Keep in mind that cyber criminals do not need to be in your city or even your country to target you as a victim. This same report disclosed that more than 74 million people in the United States (about one in four) were victims of cyber crime in 2010. These criminal acts resulted in $32 billion in direct financial losses. Worldwide cyber crime already surpasses the total of black-market marijuana and cocaine sales, Norton says, which exceeds $288 billion.

Cyber criminals don’t carry weapons or even leave the comfort of their homes. The botnet and phishing systems they use are constantly aware of their vast network, which grows virally without human intervention.

Any fan of the cult classic Matrix movies can see the potential of these cyber crime systems to become the sentient network that rules the world of the future. Meanwhile, be very, very careful about who you let use your computer. Even if they are relatives.

Related Reading: Black Hole Exploit - A Business Savvy Cyber Gang Driving a Massive Wave of Fraud

Related: Living Under Watchful Eyes as a Fraudster

Alan Wlasuk is a managing partner of 403 Web Security, a full service, secure web application development company. A Bell Labs Fellow award-winner with 18+ years of experience building secure web applications, Wlasuk is an expert in web security - from evaluation to web development and remediation.