Psilva's Prophecies

Peter Silva

Subscribe to Peter Silva: eMailAlertsEmail Alerts
Get Peter Silva: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn


Related Topics: SSL Journal, Security Journal, Secure Cloud Computing, Data Mining, Data Services Journal, IT Strategy

SSL Journal: Blog Feed Post

Cybercrime, the Easy Way

Gone are the days when you had to visit a dark alley to get a crook's cookbook

Security Track at Cloud Computing Expo

The Dummies series is a great collection of ‘How to' instructions on a wide array of topics and while they have not published a ‘Cybercrime for

Register Today and Save $550 !
Explore Sponsorship Opportunities !

Dummies' booklet (and don't think they will), DYI Cybercrime Kits are helping drive Internet attacks.

Gone are the days when you had to visit a dark alley to get a crook's cookbook.

You don't need to be an expert or tied to some sophisticated crime ring but now you can infect, spam, phish and generate other dastardly deeds with the best of them.

Similar to downloading and using iTunes, P2P applications, IM services, Skype and others to accomplish those specific tasks, you can get a Cybercrime toolkit to go with your black ski mask, getaway car and evil lair hideout.  You don't really need any technical knowledge since all you do is install the program, tell it what you want, customize the message, send the infection and wait for the program to tell you when you've hit gold.  The early ‘hacking' sites like www.2600.com or www.L0pht.com use to allow you to download your favorite virus to send to friends.

Granted, many organizations used their malicious code to test their own systems and they've since become more industry friendly and still provide great insight into the ‘black-hat'ing' community.  I've even used L0phtcrack several times over the years.  Remember, downloading a root kit isn't necessarily a crime, it's what you do with it that might be.

The initial data breach numbers for 2010 are already staggering.  In just a couple weeks, around 1,233,432 records have already been breached according to Privacy Rights Clearinghouse - that's an average of over 68,000 a day.  During 2009, Panda Labs saw a 77% increase in banking theft Trojans compared to 2008 which directly corresponded with the increase in available kits.  As this trend continues, the ‘Kids with Kits' will be competing with the ‘Established Mobs' for your passwords, money, identity and any other valuable items/info to sell or use themselves.

Certainly, users need to be extra vigilant when receiving suspicious emails with ‘Click Here:' boldly pronounced and organizations need to realize that their systems will be poked, prodded and tapped even more this year.  On the web facing front, deploying a Web Application Firewall, like BIG-IP ASM, not only protects against the typical, well known attacks like SQL Injection, DoS, Brute Force and Web Scraping; but can also help with identifying that bad-boy with IP Geolocation and ASM has always helped to keep you compliantBIG-IP GTM v10.1, with the new DNSSEC feature, secures your web property against DNS Cache Poisoning and other malicious redirects.  The FirePass SSL VPN and other BIG-IP products offer End Point inspection to ensure that the requesting host abides by your security policy prior to gaining access and Encryption to keep the traffic secure.  The BIG-IP MSM takes a bite out of unwanted spam.  Even BIG-IP LTM with it's virtualization capabilities among other security features provides some network firewall functionality and with BIG-IP PSM, you get powerful security services for HTTP(s), SMTP, and FTP at BIG-IP speeds.

Now that it's gotten easier for anyone to become a cybercriminal, your defenses must be also be easy and quick to deploy.  F5's BIG-IP systems give you the control, power and ease of use to thwart both the organized crime syndicates and those rookies just getting into the game.

Read the original blog entry...

More Stories By Peter Silva

Peter is an F5 evangelist for security, IoT, mobile and core. His background in theatre brings the slightly theatrical and fairly technical together to cover training, writing, speaking, along with overall product evangelism for F5. He's also produced over 350 videos and recorded over 50 audio whitepapers. After working in Professional Theatre for 10 years, Peter decided to change careers. Starting out with a small VAR selling Netopia routers and the Instant Internet box, he soon became one of the first six Internet Specialists for AT&T managing customers on the original ATT WorldNet network.

Now having his Telco background he moved to Verio to focus on access, IP security along with web hosting. After losing a deal to Exodus Communications (now Savvis) for technical reasons, the customer still wanted Peter as their local SE contact so Exodus made him an offer he couldn’t refuse. As only the third person hired in the Midwest, he helped Exodus grow from an executive suite to two enormous datacenters in the Chicago land area working with such customers as Ticketmaster, Rolling Stone, uBid, Orbitz, Best Buy and others.

Writer, speaker and Video Host, he's also been in such plays as The Glass Menagerie, All’s Well That Ends Well, Cinderella and others.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.