Clash Of The IT-ans: How To Stop Cybercrime

In Greek mythology, Zeus is ruler of the Olympians, the god of the sky and thunder. In the world of cybercrime, Zeus is equally feared, but for a different reason. It is a sophisticated Trojan Horse, which, has infiltrated almost 90 percent of Fortune 500 company networks, with almost 300 of those firms having their email account information stolen- according to RSA research.

Trojan Horses are malware that allow hackers to access and remotely control computers. The Zeus Trojan represents the most sophisticated toolkit available for cyber criminals, and is being sold on underground forums for up to Rs. 180,000 INR. For criminals with less ‘startup’ capital, many alternatives exist on the black market, with less sophisticated Trojans costing around Rs. 45,000INR.

Apart from such tools, criminals can also purchase private information or credentials online. Such personal banking data (such as online banking logins, or serial numbers, date of births and mothers’ maidens’ name) are also available at much lower prices. Cyber criminals can easily use this information to modify billing addresses to fraudulent purchases of big ticket items online, before having them resold into grey markets.

Security vendors are working around the clock to beef up the security of banks and private data, with various methods such as encryption and tokenisation being used to safeguard customer’s information. Additionally, the Payment Card Industry Data Security Standard (PCI DSS) acts as a worldwide standard to help reduce credit card fraud. Despite these efforts, cyber criminals continue to run rampant, which is dangerous as majority of attacks are focused on financial institutions.
While such attacks usually occur in the US and UK, this trend has started shifting to the Asia Pacific, with India slipping into the top ten countries worldwide by attack volume. China, South Korea and Australia all remained on the list of the top ten countries that host such attacks, with 15% of phishing attacks globally originating in their countries.

To combat the rise in cybercrime, security vendors are also paying more attention to online forums that act as markets for cyber criminals. These online forums act as platforms for cyber criminals to exchange their criminal tools, services, and know how, and are also used to hawk the private data harvested through the use of such tools and services. With these forums proving to be extremely influential in cybercrime operation, it is no wonder that law enforcement agencies have been working together with the security industry to shut down such forums. One such forum, DarkMarket, was infiltrated and shut down in 2008, leading to nearly 60 arrests worldwide. In a move intended to discourage cybercrime, the founder of the forum was this year sentenced to five years imprisonment.

A detailed analysis of the underground cyber criminal forums paints a clear picture of the kind of ‘profit margins’ cyber criminals can stand to gain from participating and transacting in such black market forums. For example, apart from the pricier Trojans, services such as ‘fraudulent phone calls’, ‘phone-flooding’ and ‘distributed denial of service attacks’ can be purchased, all for less than Rs. 2,200 INR.

With cybercriminals establishing themselves on online forums, it has become necessary for security vendors to work closely with government law enforcement agencies to infiltrate these forums, gather as much information on its visitors and users as possible, before shutting them down and making appropriate arrest. With the Asia-Pacific region often on the receiving end of such criminal activities, security vendors in the region need to be alert to the dangers and be prepared to combat cybercrime.

Cyber criminals continue to evolve and innovate, with there being reports over an upgraded Zeus Trojan which can avoid analysis and hostile takeovers. As fraudsters continue to upgrade and improve their tools, it is important for security vendors to take the necessary steps to stay one step ahead, less they end up losing too many battles in the war against cyber warfare.

The author is Technology Consultant Director, APAC and Japan, RSA.