Information Security News mailing list archives

Profiling The Cybercriminal And The Cyberspy


From: InfoSec News <alerts () infosecnews org>
Date: Mon, 1 Oct 2012 00:37:44 -0500 (CDT)

http://www.darkreading.com/threat-intelligence/167901121/security/vulnerabilities/240008081/profiling-the-cybercriminal-and-the-cyberspy.html

By Kelly Jackson Higgins
Dark Reading
Sept 27, 2012

First in an occasional series on knowing the attacker.

Chinese hackers operate more as big-box, thrifty enterprises with bargain-basement mini-botnets and commodity malware. Eastern European hackers run higher-end operations with bulletproof hosting and custom-built malware. Chinese hackers hide in plain sight, but try to maintain a foothold in their victims' organizations. Eastern European hackers stage camouflaged, commando-type raids to grab and run off with valuable financial information.

Those are some of the telltale characteristics of two of the main types of attackers businesses and public-sector organizations face today -- and the types of threats studied most by security researchers. Increasingly, there has been a shift toward getting to know the enemy behind the malware, mainly as a way to put up better defenses from these inevitable attacks. But like most things, the more you know, the more you realize what you don't know.

Enterprises and government agencies today tend to worry more about Chinese cyberespionage attacks than the financial credential- and account-stealing activities of attackers out of the Eastern European region, says Tom Kellermann, vice president of cybersecurity at Trend Micro, which last week published a report comparing the M.O.s of East Asian and Eastern European attackers.

But Eastern Europe poses just as much of a threat, he says, and these attackers are typically more sophisticated overall, employing custom-built, complex malware, and running their operations out of bulletproof hosting providers and advanced botnets. Plus, they steal credentials that can quickly be monetized. "If I was CEO of a corporation, I'd rather deal with East Asia than Eastern Europe because the Eastern European hacker crew comes in like commandos targeting your house in the suburbs, knowing everything about that house and going in and out, and [before you know it], you're done and you may not know you're done," he says.

[...]



