Xabier Mitxelena Ruiz, S21sec: A new era in cybernetic attack
March 2008 by Xabier Mitxelena Ruiz, General Manager, S21sec
It’s now 2008, yet it seems like only yesterday we were discussing hackers and the threat they pose to the digital economy. Today they have turned into cybercriminals and become the real executors of cyber attack. In 2000 we made a corporate commitment, based on our professionals’ research and innovation abilities (experts in the evaluation of infrastructure security and technological solutions), to direct the company towards continuous quality and service based on improvements in processes, products and procedures. Firstly we proposed preventive solutions to ethical hacking. We made a major effort to innovate and investigate in the areas of technology and methodology as well as training and awareness, at a time when accessing third party information systems was a personal challenge for hackers.
Since then the Internet has consolidated itself. Today it is a medium that has revolutionised economic and social models worldwide, especially in developed countries. Likewise it ought to imply a step towards the so-called Third World’s development and sustainability. The number of users has grown exponentially, access improves every day and companies are continually developing business models and new opportunities via the web. Essentially Internet forms part of our daily lives, in work, at home and at leisure.
This development has led to a crossover of fraudulent and criminal activity from our physical lives to our digital lives. A major advantage for people looking to profit from internet crime is the anonymity and hidden illegality of this medium. Historically financial institutions were the target of internet attack; today general users are the main target. The models of fraud and deception have not changed, instead the medium and fraudulent processes have simply adapted to a digital world.
The most common types of fraud succeed on the basis of concepts such as greed, innocence, curiosity and envy, which are now beginning to appear in our digital lives. While in our physical lives we find different ways of dealing with these shortcomings, in the digital world they multiply. This is due to the ease with which organisations can be impersonated and the fact that cyber criminals take advantage of people’s innocence, lack of knowledge and good faith.
In recent years we have witnessed a massive attack of spam with commercial as well as criminal objectives. The most predominant attacks are: phishing, pharming and vising. The goal of these attacks is to obtain important data (personal information, bank accounts, passwords, etc) to commit direct fraud or else to sell this information to others who will commit similar crimes in an organised way.
I must point out that 2008 is a year full of possibilities and personal and business challenges. Phishing in its various guises remains one of the most active forms of internet attack. Nonetheless in the last 12 months we have witnessed a radical change in the structure of such attacks. From our 24x7 operations centres we are witnessing massive use of increasingly sophisticated and difficult-to-detect Trojans as a means of infecting and attacking users and as an advanced way of obtaining all kinds of confidential information. Cyber criminals use and/or hire experts in information systems to perform digital ‘masterpieces of attack’ to optimise their activities. As awareness of the advantages of using Internet in a reliable and safe way increases among companies, organisations, entities and users, security becomes a fundamental part of everyday IT use. The public needs to understand and be familiar with the different types of attack that could affect them, as well as the tools used to perpetrate these attacks in order to protect against them.
At our R+D+i centre we have been working exclusively on creating and generating tools and procedures that anticipate these phenomena. The objective is to help our clients and the general public to mitigate this type of risk and to take advantage of the major benefits that today’s technology offers. S21sec has made several services available:
• Automatic WebMalware navigation (that aims to infect via Internet and obtains black lists of domains, as well as providing daily checks on clients’ domains),
• Automatic analysis of Trojans (average time of 45 seconds),
• Vulnera + iDefense as an advanced weakness service, zero day and sector risks at the global level,
• Digital Vigilance to obtain information (text, image, audio, etc) sensitive to people or groups that might harm the organisation’s image, or be used for this type of attack.
Likewise we are reaching global agreements with Microsoft (anti-phishing button feeding for IE 7.0 and interchange of malware and information), iDefense, and other organisations involved in the fight against fraud and cybercrime. These innovations and others we are working on are aimed at growing our clients’ business relations and ensuring a positive future for them, so users can feel safe in their digital lives. We also continue to provide a set of measures, services and tools that help minimise risk exposure.
A lot remains to be done as regards making it more difficult for people to profit financially from this type of attack: some relevant legal and normative aspects; the continuing work of security forces to stop the inherent criminal aspect of this medium, and above all training and awareness. There are other risks like cyberterrorism which should be analysed and studied to come up with prevention methods. Global initiatives in Homeland Security point to the need for concern among users to prevent and avoid unwanted critical situations. 100% security does not exist nor can it be guaranteed, thus we are obliged and should be compelled to work together continually to fight against those who want to impose crime in all its manifestations on this social, economic and cultural revolution and on information networks in general. In this respect we must move beyond cybercriminals. Public administrations with their structures and mechanisms should lead the fight against this type of crime and raise awareness among companies and individuals. If Spain wants to be an innovator, then digital security represents an excellent opportunity for creating a benchmark sector for the rest of the world.