Update on the underground economy and making profit on the black market
This presentation is the property of its rightful owner.
Sponsored Links
1 / 18

Update on the underground economy and making profit on the black market PowerPoint PPT Presentation


  • 122 Views
  • Uploaded on
  • Presentation posted in: General

Update on the underground economy and making profit on the black market. Wojciech Lapka CERN. Presentation plan. Main security threats in 2008 What’s for sale on black market? Value of advertised goods Malicious tools Software piracy Payment methods Security predictions for 2009

Download Presentation

Update on the underground economy and making profit on the black market

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Update on the underground economy and making profit on the black market

Update on the underground economy and making profit on the black market

Wojciech Lapka

CERN

IT/GD Group Meeting, 05 February 2009


Presentation plan

Presentation plan

  • Main security threats in 2008

  • What’s for sale on black market?

  • Value of advertised goods

  • Malicious tools

  • Software piracy

  • Payment methods

  • Security predictions for 2009

  • Mitigation and protection

  • Conclusion

IT/GD Group Meeting, 05 February 2009


Main security threats in 2008

Main security threats in 2008

  • Web infections

    • 75% of websites with malicious code – legitimate sites that have been compromised.

  • SPAM & phishing

    • Phishing attacks – Cost: $2 billion in 2008 (only in the U.S.)

    • Blog & social networking

  • Scareware

    • Cost: $3.6 billion in 2008 (only in the U.S.)

  • Data breaches

IT/GD Group Meeting, 05 February 2009


What s for sale on black market

What’s for sale on black market?

IT/GD Group Meeting, 05 February 2009


Value of advertised goods

Value of advertised goods

  • $276 million (July 2007 – June 2008)

IT/GD Group Meeting, 05 February 2009


Real value of advertised goods

Real value of advertised goods

  • Credit cards – $5.3 bilion

  • Bank accounts – $1.7 billion, average balance $40,000

IT/GD Group Meeting, 05 February 2009


Malicious tools

Malicious tools

  • Attack tools

  • SPAM and phishing tools

  • Malicious code

  • Exploits

IT/GD Group Meeting, 05 February 2009


Attack tools

Attack tools

IT/GD Group Meeting, 05 February 2009


Spam phishing tools

Spam & phishing tools

IT/GD Group Meeting, 05 February 2009


Malicious code

Malicious code

IT/GD Group Meeting, 05 February 2009


Exploits

Exploits

IT/GD Group Meeting, 05 February 2009


Software piracy

Software piracy

  • Global loss for software companies: ~ $48 bilion (in 2007)

IT/GD Group Meeting, 05 February 2009


Payment systems

Payment systems

  • Online currency accounts – 63%

    • Service offered worldwide

    • Some providers do not require proof of identity

    • No government regulations. No requirement to monitor customers or transactions

  • Trade of goods and services – 24%

    • Direct exchange between buyer and seller.

  • Online payment service – 9%

    • Stolen credit cards

    • Compromised online payment accounts

  • Wire transfer service – 3%

IT/GD Group Meeting, 05 February 2009


Security predictions for 2009

Security predictions for 2009

  • Security Analysis Changes from Technical to Financial Prioritization

  • Malware as a Service

  • Scareware

  • More legitimate website hacking

  • Social networking spam

  • Impact of financial crisis

  • Mobile malware

  • Hacking on virtual words

IT/GD Group Meeting, 05 February 2009


Protection and mitigation

Protection and Mitigation

  • Education – e.g. IT Security Podcasts:

    • http://www.symantec.com/about/news/podcasts/

    • http://www.sophos.com/security/podcasts/

    • http://news.cnet.com/security-bites-podcast/

  • Education – Group Meeting Presentations

  • Keep confidential information in secure place

  • Ensure security of your software (especially Web Applications)

  • Apply all security patches

IT/GD Group Meeting, 05 February 2009


Sources

Sources

  • http://www.symantec.com/business/theme.jsp?themeid=threatreport

  • http://www.sophos.com/sophos/docs/eng/marketing_material/sophos-security-threat-report-jan-2009-na.pdf

  • http://www.consumerreports.org/cro/electronics-computers/computers-internet/internet-and-other-services/protect-yourself-online/overview/protect-yourself-online-ov.htm

  • http://securitylabs.websense.com/content/Assets/WSL_Report_Web_1h08.pdf

  • http://global.bsa.org/idcglobalstudy2007/studies/summaryfindings_globalstudy07.pdf

IT/GD Group Meeting, 05 February 2009


Conlusion

Conlusion

  • “Hacking isn’t a kid’s game anymore. It’s a big business”

  • Internet attacks organized and designed to steal information and resources

  • Security (like safety) is our responsibility!!!

IT/GD Group Meeting, 05 February 2009


Questions

Questions?

IT/GD Group Meeting, 05 February 2009


  • Login