Re: [ISN] Cybercrime-as-a-service takes off

From: InfoSec News <alerts_at_private>
Date: Mon, 16 Mar 2009 02:12:18 -0600 (CST)
Forwarded from: Dave Dittrich <dittrich (at) u.washington.edu>

> http://www.itnews.com.au/News/98524,cybercrimeasaservice-takes-off.aspx
> 
> By Ry Crozier
> ITNews
> 12 March 2009
> 
> Malware writers that sell toolkits online for as little as $400 will 
> now configure and host the attacks as a service for another $50, a 
> security expert has said.
> 
> Speaking at the Vasco Banking Summit in Sydney yesterday, the 
> company's technical account manager, Vlado Vajdic, told delegates that 
> cyber crime was becoming so business-like that online offerings of 
> malicious code often included support and maintenance services.
> 
> Additionally, he said, cybercrime outsourcing would become a key trend 
> in 2009.

I'm sorry to have to burst the prediction bubble here, but this has been 
going on for several years.  I have maintained a web page on DDoS 
attacks since 1999. Search the page for the word "hire" and you will 
find several stories of cybercrime-as-a-service from 2005:

http://staff.washington.edu/dittrich/misc/ddos/

Specifically, start reading at page 15 of "U.S. v. James Jeanson 
Ancheta" and you will see an offering of malicious code, including 
support and maintenance services:

http://news.findlaw.com/hdocs/docs/cyberlaw/usanchetaind.pdf

There are two other cases in the same section of the web page where the 
FBI successfully investigated and brought indictments on similar 
"DDoS-for-hire" cases. The other two do not involve selling the service 
to third parties (with support and maintenance), but do show that people 
have been paid to create/use botnets for financial crimes. When 
something makes it into the legal process, which means it is causing 
damages significant enough to justify application of the expensive legal 
process, I would say the trend has already been well established.

Note to reporters: When writing a story about predictions of future 
trends, check my web page first (or contact me directly) and see if the 
story is really new.

-- 
Dave Dittrich
dittrich (at) u.washington.edu
http://staff.washington.edu/dittrich

PGP key      http://staff.washington.edu/dittrich/pgpkey.txt
Fingerprint  FE97 0C57 0843 F3EB 49A1  0CD0 8E0C D0BE C838 CCB5


Received on Mon Mar 16 2009 - 01:12:18 PDT
