[ISN] Profiling The Cybercriminal And The Cyberspy

From: InfoSec News <alerts_at_private>
Date: Mon, 1 Oct 2012 00:37:44 -0500 (CDT)
http://www.darkreading.com/threat-intelligence/167901121/security/vulnerabilities/240008081/profiling-the-cybercriminal-and-the-cyberspy.html

By Kelly Jackson Higgins
Dark Reading
Sept 27, 2012

First in an occasional series on knowing the attacker.

Chinese hackers operate more as big-box, thrifty enterprises with 
bargain-basement mini-botnets and commodity malware. Eastern European 
hackers run higher-end operations with bulletproof hosting and 
custom-built malware. Chinese hackers hide in plain sight, but try to 
maintain a foothold in their victims' organizations. Eastern European 
hackers stage camouflaged, commando-type raids to grab and run off with 
valuable financial information.

Those are some of the telltale characteristics of two of the main types 
of attackers businesses and public-sector organizations face today -- 
and the types of threats studied most by security researchers. 
Increasingly, there has been a shift toward getting to know the enemy 
behind the malware, mainly as a way to put up better defenses from these 
inevitable attacks. But like most things, the more you know, the more 
you realize what you don't know.

Enterprises and government agencies today tend to worry more about 
Chinese cyberespionage attacks than the financial credential- and 
account-stealing activities of attackers out of the Eastern European 
region, says Tom Kellermann, vice president of cybersecurity at Trend 
Micro, which last week published a report comparing the M.O.s of East 
Asian and Eastern European attackers.

But Eastern Europe poses just as much of a threat, he says, and these 
attackers are typically more sophisticated overall, employing 
custom-built, complex malware, and running their operations out of 
bulletproof hosting providers and advanced botnets. Plus, they steal 
credentials that can quickly be monetized. "If I was CEO of a 
corporation, I'd rather deal with East Asia than Eastern Europe because 
the Eastern European hacker crew comes in like commandos targeting your 
house in the suburbs, knowing everything about that house and going in 
and out, and [before you know it], you're done and you may not know 
you're done," he says.

[...]


Received on Sun Sep 30 2012 - 22:37:44 PDT
