zveloBLOG™ - alerts, discussions, studies, articles, white papers about the latest malware, spam, phishing scams, and other Web threats researched or detected by zveloLABS™.

zveloBLOG

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
Posted by on in Web Security
  • Font size: Larger Smaller
  • Hits: 10270
  • 0 Comments

Anti-Phishing Working Group (APWG) 2011 eCrime Researchers Summit Highlights

Anti-Phishing Working Group (APWG) - official logo'

The 2011 Anti-Phishing Working Group (APWG) eCrime Researchers Summit, out of San Diego, California, moved fast with a number of interesting presentations and fascinating people. The APWG is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that results from phishing, pharming, malware and e-mail spoofing of all types. The eCrime Researchers Summit brings together malware researchers, counter-eCrime developers and responders, and includes the 2011 Fall General Meeting. Here are some highlights from the event.

 

The “legacy loop” is a problem for computers and software in general. New software is built for older hardware, and newer hardware is built to run older software. If radical changes occur, hardware and software typically fail in the market. This “loop” results in the computer security industry solving the same recurring problems. As the scale of the Internet and the complexity of computer use increase, security failures increase as well.

 

Several presentations hit the idea that regular computer users need to be trained to avoid installing malware or giving away their identity, best conducted immediately after they have fallen victims to phishing, malware, identity theft or a number of other web threats. One method is to identify and notify users infected with a botnet, accompanied with information on how to clean their system. ISPs can also place infected users into quarantine with limited Internet access. The Japanese and German governments funded and supported similar efforts to get national ISPs to detect and notify their users about malware running in their networks. These campaigns were successful and greatly reduced the number of infected systems running in those two countries.

 

We heard about the success of “red teams” that run targeted attacks as tests. These simulated attacks achieved 100% success, and used combinations of social engineering, “pretexting” to attain physical access, and other network attack tactics. Alarmingly, none of the tested commercial organizations proved secure.

 

There was much focus on information sharing and the need to improve the cooperation between academic researchers, corporate security teams (banks and security vendors), ISPs, government resources and law enforcement. Working effectively with law enforcement is difficult because of limited police resources, and due to the levels of misunderstanding between corporate data collection, academic data collection, and the standards of evidence that are needed to run a successful prosecution. In relation, it is important to establish the amount of damage that is happening. Stealing $10 from a few botnet-infected users is not a big enough issue, but stealing $100 million from millions of users is worthy of attention. Prosecutions prove difficult because of a lack of adequate documentation. On the corporate side, investing the resources needed to successfully prosecute criminals is often not worth the amount of money the crime is causing.

 

A demonstration of how easy it is to run a botnet was also given. It took only 15 minutes to configure and build the infecting EXE program, install it on a virtual machine running Windows, and for it to start reporting to the botnet controller. It has become so easy to do that almost anyone with a computer can become a bot-herder, stealing banking information and selling stolen identities and credit card numbers.

 

The APWG eCrime Researchers Summit proved an invaluable event, and reminded zveloLABS™ of the recurring challenges information security professionals face every day and the need for a unified, global and multi-faceted approach to effectively combat web threats.

 

Anti-Phishing Working Group (APWG) - eCrim 2011 Summit logo - Silicon Valley - San Diego

 

Trackback URL for this blog entry.
  • Sam Claflin

    Posted by Justin Bieber on 24 Aug 2012
    Tony Farmer ...
  • education funding

    Posted by gifted education on 23 Aug 2012
    teaching education ...
  • college grants

    Posted by college scholarships on 22 Aug 2012
    babson college ...
  • business loans

    Posted by business current events on 21 Aug 2012
    business articles ...
  • grants for education

    Posted by education jobs on 20 Aug 2012
    education consultant ...
  • Vernie Kesselring

    Posted by Reinaldo Accala on 10 Aug 2012
    Jeremiah Baque ...

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest 24 Apr 2014