Watch your step

In July 2006, McAfee, the security technology company, announced that it had officially released protection for the 200,000th cyber threat in its database. Since January 1, 2006, McAfee has added approximately 50,000 new threats to its database and is on track to exceed 225,000 new threats by the end of the year.

So while the New Year should hopefully see growth in almost every sphere of life, cyber crime unfortunately won’t lag behind.

As Greg Day, Security Analyst, McAfee Inc, has said, “Cyber crime is no longer in its infancy, it is big business. Criminals can make fast money with minimal risk and their ranks are growing with that realisation. With technology continually evolving, criminal opportunity is also growing; opportunity that is global and unrestricted by geography, language or appearance.”

But the good news is that the awareness of cyber crime too seems to be on the rise.

The Indian security market is changing dramatically, believes Vishal Dhupar, MD, Symantec India. “A few years ago, discussions on security were limited to anti-virus and firewalls, but today companies are seriously analysing the causes of internal threats to their data.”

Targeting Teenagers

While credit card fraud and finance-related crimes are on the upswing, what needs special attention is the fact that cyber criminals today are working to lure people as young as 14 into their criminal nexus.

According to a McAfee report, a new breed of criminals is emerging in cyberspace that is mostly from the student community.

Kartik Shahani, Director, Sales, India and SAARC, McAfee Inc, says, “Internet-savvy teens are being attracted to cyber crime by the celebrity and ‘cult status’ of hi-tech criminals and the promise of making money without the risks associated with traditional crime.”

To illustrate his point, he cites a case: in 2006, an almost full 1GB flash drive of classified US military information was apparently lost and later sold by a teenager for $40 at an Afghani bazaar outside a US airbase.

Shahani suggests that one effective way to protect one’s child, besides installing safety software, is keeping the computer where everyone can see what the child is doing on the system and monitor hours of use.

A child who suddenly has money, or is spending more than you have given him, could well have been lured into a criminal nexus, he says.

Evading detection

Dhupar says there will be a resurgence in ‘polymorphism’ and other evasion tactics in Win32 malicious code.

Putting it simply, as Dhupar says, “A polymorphic virus can change its byte pattern when it replicates and is able to avoid detection by antivirus techniques.”

Due to the difficulty in detecting and removing these viruses, criminals use polymorphic techniques at all levels of malicious code development.

Therefore, the ‘one detection cure for all’ solution is not good enough.

One can never be too cautious for, as Dhupar says, “Home users and small businesses worldwide lack the expertise to recover from threats. Additionally, without proper protection, skills and the perimeter defences of a large organisation, they may not even be able to determine that they have been compromised.”

Cyber extortion

Websense SecurityLabs cautions of an emerging form of cyber extortion.

Surendra Singh, Head, South-East Asia and India, Websense Inc, says, “This form of cyber-extortion is a variant of Ransomware, which refers to malicious programs that encrypt documents on the victim’s computer and ask for a payment in order to decrypt the files.

“Unlike previous documented cases, this new type of attack compromises users’ online mail accounts. When end users log into their mail accounts, they notice that all their ‘sent’ and ‘received’ e-mails are deleted along with all their online contacts. The only message that remains is one from the attackers that suggests that they be contacted for payment in order for the user to get back the data.”

The motive is, of course, financial gain. Intellectual property can be highly valuable.

Money matters

How safe is our money in banks and other institutions, especially with the proliferation of Crimeware?

“Crimeware is a class of computer programs designed specifically to automate financial crime.

“Crimeware (as distinct from spyware, adware, and malware) is designed to perpetrate identity theft by accessing a computer user’s online accounts at financial services companies and online retailers for the purpose of taking funds from those accounts or completing unauthorised transactions that enrich the thief controlling the crimeware,” says Dhupar.

Most financial institutions use anti-money-laundering software to keep criminals from stealing money, money that can be used, for instance, to finance terrorist activities across the globe.

“Terrorists are effectively using the Internet banking system for financing their operations. Money is easily transferred from the various destinations of the legitimate businesses to the accounts of the terrorist. They prefer this because of the secrecy and anonymity they can maintain with their banking operations,” says Mayur Joshi, Founder and Director, India Forensic Consultancy Services.

This might recall James Bond to your mind, and his effort to cut money flow to terrorists by defeating the terrorist’s financier in a card game. But, as Pradeep Akkunoor, Director, India Forensic Consultancy Services, says, “A real-life James Bond, though, is more likely to be investigating the Suspicious Transaction Reports (STRs) taken from an Anti-Money Laundering system in a bank.”

Safety tips

Symantec offers these tips to the computer user.

The most important protective measure is to employ defence-in-depth, which emphasises multiple, overlapping and mutually supportive defensive systems to guard against single-point failures in any specific technology or protection method.

For consumers, this means using an Internet security solution that combines anti-virus, firewall, intrusion detection, vulnerability management and a behaviour-based analysis engine.

Consumers and businesses should ensure that security patches are up-to-date and applied to all vulnerable applications in a timely manner.

Businesses and consumers should have emergency response procedures in place, including having a backup and restore solution.

Don’t click on URL links in suspicious e-mails, warns Symantec. When visiting banking, credit card or service provider Web sites to enter personal information, type the Web site’s URL directly into the Internet browser, it says. And regularly review financial statements.