
Identity Theft Expert; Conficker Virus Countdown

Robert Siciliano Identity Theft Speaker

News of Conficker being out of control, then under control, is everywhere.

60 Minutes reports on everything we have discussed in these posts. Mainstream media has recognized the Internet has a cancerous virus and is infected. Criminal hackers are creating viruses and infecting webpages in record numbers, all in the name of money.

Security professionals are losing sleep as they race against the bad guys in anticipation of the next big breach.

Conficker is big news as it’s infecting mainly corporate networks, an astonishing estimated 10-12 million PCs, and this sleeper cell is set to get its next set of updates April 1st.

Like Al Qaeda operatives living amongst us, cyber terrorists waiting for their next communiqué from a remote cave, Conficker waits to strike.

Nobody knows what’s going to happen on April Fools’ Day, but security professionals have a plan. Do you?

By all accounts Conficker has the potential capacity to steal data or launch a massive denial of service attack which encompasses massive amounts of data, flooding the Net, bogging down mainframe servers that distribute data to our inboxes.

60 Minutes used the example of what I did on CNN describing a Facebook hack and used a Morley Safer Facebook account that may be hacked with Conficker and begins to send messages to Morley’s friends. Then Lesley Stahl, who is a Morley “friend,” receives an email looking like it’s from Morley’s Facebook account to click a video. That video has a destructive payload that infects Lesley’s machine and the virus replicates itself to Lesley’s contacts.

Now Morley’s PC has a virus that records all his keystrokes and Lesley is just as vulnerable. Bank accounts are cracked, credit card log-ins are stolen, the contents of their My Documents folders are copied and sent to Turkey and identities are stolen. People who don’t have any identity theft protection face years of dealing with creditors who accuse them of being bad debtors.

Malware is showing up on thousands of websites compromised in numerous ways and infecting computer users whose defenses are down.

Most attacks can be prevented with updated antivirus software like McAfee or others. But with an estimated 15,000 new infections daily, it’s difficult for everyday users to protect themselves unless they are automatically downloading virus definitions. And that may not be enough.

Criminal hackers come in all shapes and colors from every corner of the world. Russian hackers are often depicted as the best of the worst. These cyber criminals are often put on a pedestal in their communities as they brag about their accomplishments, hacking wealthy Americans and stealing tens of thousands of dollars monthly and spending that money in their remote villages.

Russian authorities generally don’t prosecute and may even employ criminals to steal from greedy Americans. As long as hate and money are motivators, foreign governments will groom and incite talented 14-year-olds into a life of crime.

This story is far from over.

Robert Siciliano Identity Theft Speaker discusses online banking security here

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information

Identity Theft Speaker; April Fools’ Day Is Conficker Worm Day

Robert Siciliano Identity Theft Expert

Criminal hackers have created a virus that has slipped into millions of PCs and is set to strike on April Fools’ Day. This is no joke.

So far this year it is estimated that somewhere between 3 and 12 million computers have been compromised by the “Conficker” worm, also known as “Downup,” “Downadup” and “Kido,” possibly considered the largest known global botnet.

Microsoft and others are in a 24/7/365 battle with the makers of Conficker to see who ends up at the finish line first.

None of the PCs infected with Conficker are displaying any of the characteristics generally exhibited by the recent spate of viruses, which offer a remote control component and are often used to host spoofed websites and other malicious fraud-related activities. At least not yet.

If Conficker reaches its full potential, it will result in data breaches, credit card fraud and numerous forms of identity theft.

It has been widely believed that Conficker is waiting for its next set of updates on April 1st, to unleash the endgame its writers had in mind.

The sense among security professionals is that Conficker will unleash an uncontrollable fury not yet seen or experienced by the security community.

Conficker duplicates like viruses of old and infects PCs that are unpatched and outdated. The virus scans the Internet, seeking and infecting unpatched computers. Conficker was built with encryption pirated from an MIT researcher and has the ability to circumvent anti-virus programs.

This level of technology has the ability to slip into external hard drives, thumb drives and any memory based peripheral. When that same peripheral is plugged into another PC, that PC is also infected.

Many PCs in Asia have rogue versions of Windows, and are largely unpatched due to Microsoft not allowing updates.

Update your Microsoft Windows ASAP. Make sure you have up-to-date Internet security software, such as McAfee. Stay away from rogue websites and be careful what you click.

As stated in a previous post, Microsoft offered a global bounty for the arrest and prosecution of whoever created and released the Conficker virus.

Even with the security community vigorously trying to defend PCs globally, in early March, millions of Conficker-infected PCs were upgraded into a peer-to-peer network, which makes the botnet even more dangerous by giving each infected PC commanding authority over others. This means that every PC has the capability of running every other PC on the botnet.

The anticipation among researchers leading up to April 1st is much like that which was felt prior to midnight on December 31st, 1999. The Y2K “bug” was considered a ticking time bomb for all major computer applications.

Much has been done to avert a Conficker disaster, but nobody knows for sure what will happen. April 1st is a day of foolery, but this year it may also be a major breakthrough for hackers, good or bad, to see who is top dog.

See Robert Siciliano, identity theft speaker, discussing viruses in peripherals here.
