USA: POLL: “YOU are in IT. Is it OK what the NSA is doing?”

From: CyberheistNews

CyberheistNews Vol 3, 24

Editor’s Corner

POLL: “YOU are in IT. Is it OK what the NSA is doing?”

A new Washington Post-Pew Research Center poll asked Americans if they consider the NSA’s practice of obtaining telephone calls and email through secret court orders “acceptable.” As the Post’s exploration of the poll results notes, some people said the government should be allowed to go even further than it actually is. As you are probably aware, the NSA whistle-blower is 29-year-old IT pro Ed Snowden.

It’s my opinion that most people do not really understand the issue and I think it would be very interesting to see what IT professionals answer when they are asked the same questions. I will broadly announce the survey results in a few days, perhaps even a press release. I am asking the very same questions as the Post survey, with one exception where question 5 clarifies the amount of data being monitored.

It’s just 6 multiple choice questions and should take less than 2 minutes. Thanks so much for taking the time, this should be interesting!! Here is the link:
https://www.surveymonkey.com/s/NSA_OK

Citadel Botnet ‘Shutdown’ Makes Cybercrime Worse

It was all over the news. The Citadel botnet, responsible for stealing more than 500 million dollars out of bank accounts from both individuals and organizations worldwide, has been largely shut down, or so it seems if you read the breathless press. Citadel is a smarter and more sophisticated cousin of the Zeus Trojan.

Citadel is an example of Crime-as-a-Service and has been sold since 2012 in do-it-yourself crime kits that cost $2,400 or more. The malware itself is installed on workstations using social engineering. End-users were tricked with phishing and spear-phishing into clicking on links which infected their workstations.

The press release said that Redmond aligned with the FBI and authorities in 80 other countries to take down one of the world’s biggest cyber crime rings. Microsoft said its Digital Crimes Unit Wednesday took down at least 1,000 of an estimated 1,400 Citadel botnets, which infected as many as five million PCs around the world and targeted major banks.

Now, I agree that it’s about freaking time these gangsters were shut down, but there is quite some collateral damage with all this hoopla. Let’s have a look at what Microsoft actually did. They identified about 1,400 botnets and disrupted them by pointing the infected machines to a server operated by Redmond instead of the Command & Control servers controlled by the bad guys.

This is not new. Technically this is called ‘sinkholing’, and it’s been around for a long time. Simply put, you redirect the traffic generated by the Trojan on an infected PC to the good guys, who then warn the owner so they can clean the machine.
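The sinkholing described above, seen from the side of a network owner who wants to find the machines to clean, as an added example that is not part of the original newsletter. The log format, the function names and the sinkhole ranges (RFC 5737 documentation addresses) are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed placeholders (RFC 5737 documentation ranges), not real sinkholes.
SINKHOLE_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.16/28")]

# Constructed resolver log: "<timestamp> <client> <qname> <rtype> <answer>"
SAMPLE_LOG = """\
2013-06-10T09:14:02Z 10.1.4.23 updates.example.net A 203.0.113.40
2013-06-10T09:14:05Z 10.1.4.87 c2-panel.example.org A 192.0.2.77
2013-06-10T09:15:11Z 10.1.4.87 C2-Panel.example.org. A 192.0.2.77
2013-06-10T09:15:40Z 10.1.7.5 gate.example.com A 198.51.100.20
2013-06-10T09:16:02Z 10.1.7.5 www.example.com CNAME cdn.example.com
2013-06-10T09:16:30Z 10.1.9.9 truncated-line
2013-06-10T09:17:00Z 10.1.4.23 mail.example.net A 198.51.100.40
"""

def is_sinkholed(answer, nets=SINKHOLE_NETS):
    """True if a DNS answer is an IP address inside a known sinkhole range."""
    try:
        addr = ipaddress.ip_address(answer)
    except ValueError:          # CNAME targets and other non-IP answers
        return False
    return any(addr.version == n.version and addr in n for n in nets)

def find_sinkholed_clients(log_text, nets=SINKHOLE_NETS):
    """Map each internal client to the sinkholed names it resolved."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:    # skip malformed or truncated records
            continue
        _ts, client, qname, rtype, answer = fields
        if rtype in ("A", "AAAA") and is_sinkholed(answer, nets):
            # Normalise case and trailing dot so one name is reported once.
            hits[client].add(qname.rstrip(".").lower())
    return {c: sorted(names) for c, names in hits.items()}

if __name__ == "__main__":
    for client, names in sorted(find_sinkholed_clients(SAMPLE_LOG).items()):
        print(f"{client}: clean this machine, it resolved {', '.join(names)}")
```

A client that resolves a name to a sinkhole address is still infected; the sinkhole only cuts it off from its controller, which is why the owner has to be told.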

It so happens that a lot of security researchers had created their own sinkhole domains, and a good chunk of these Citadel botnets had already been sinkholed when Microsoft seized not only the domains of the bad guys but also the domains of the security researchers. Nearly 1,000 domain names out of the approximately 4,000 domain names seized by Microsoft had already been sinkholed by security researchers!

The problem is that sinkholing is just a game of whack-a-mole. Takedowns like this trigger countermeasures by the bad guys, who simply respond by using a peer-to-peer architecture instead of command & control servers, making it much harder to take them down.

Cybercrime cannot be stopped with takedowns; as a matter of fact, takedowns make cybercrime worse. You need legislation in Eastern Europe, and sufficient resources for law enforcement to take down the bad actors themselves.

(Hat Tip to Abuse.ch)

PS: We have a new infographic you might like. It explains spear-phishing in terms that everyone can understand:
http://www.knowbe4.com/infographic/

PPS: And here is a new fun little quiz you can send to your users: “How Phish-prone Are You?”
http://www.knowbe4.com/how-phish-prone-are-you/

Quotes of the Week

“Time is a created thing. To say ‘I don’t have time’ is to say ‘I don’t want to.’” – Lao Tzu

“You will never ‘find’ time for anything. If you want time, you must make it.” – Charles Buxton

“The future has already arrived. It’s just not evenly distributed yet.” – William Gibson
