The malware business presented at Virus Bulletin 2008

by David Emm (Kaspersky lab),

Tags: Security


Summary : "The threat landscape has changed significantly in recent years. Until a
few years ago, viruses and other malicious programs tended to be isolated
acts of computer vandalism, anti-social self-expression using hi-tech
means. Most viruses confined themselves to infecting other disks or
programs. And 'damage' was largely defined in terms of loss or corruption
of data, or the failure of email servers under the load generated by
malware epidemics. This has given way to the use of malicious code designed
to make money illegally and the emergence and development of a 'dark
economy' that supports it. This malware business is just the flip-side of
the legitimate economy. Wherever there are opportunities to make money
legitimately, there are always those who will seek to make money by
illegitimate means. Cybercrime, then, is crime conducted using hi-tech
In place of the indiscriminate attacks of a few years ago, we now see
strategic and targeted attacks on businesses, conducted compromised zombie
machines that have been taken over by cyber criminals. The collection of
zombie machines - botnets - is used to harvest personal data, to carry out
DDoS attacks and to mass distribute spam. This malware ecosystem is
complex, thriving and expanding on the back of e-commerce.
The new threat landscape represents a more determined adversary, yet this
is still not fully understood. There is still a perception that malware is
focused on causing disruption to corporate systems; and losses tend to be
calculated on the impact to security systems. Today, cyber criminals have
the same vested interest in our system up-time as we do: an interruption
to our business is an interruption to their criminal business.
This presentation will outline the methods used by cyber criminals to
compromise computers on the Internet, harvest personal data and make money