Posts

Identity Theft Speaker; April Fools Day is conficker worm day

Robert Siciliano Identity Theft Expert

Criminal hackers have created a virus that has slipped into millions of PCs and is set to strike on April Fools day. This is no joke.

So far this year it is estimated that somewhere between 3 and 12 million computers have been compromised by the “Conficker” worm, also known as “Downup,” “Downadup” and “Kido,” possibly considered the largest known global botnet.

Microsoft and others are in a 24/7/365 battle with the makers of Conficker to see who ends up at the finish line first.

None of the PCs infected with Conficker are displaying any of the characteristics generally exhibited by the recent spate of viruses, offering a remote control component and often used to host spoofed websites and other malicious fraud related activities. At least not yet.

If Conficker reaches its full potential, it will result in data breaches, credit card fraud and numerous forms of identity theft.

It has been widely believed that Conficker is waiting for its next set of updates on April 1st, to unleash the endgame its writers had in mind.

The sense among security professionals is that Conficker will unleash an uncontrollable fury not yet seen or experienced by the security community.

Conficker duplicates like viruses of old and infects PCs that are unpatched and outdated. The virus scans the Internet, seeking and infecting unpatched computers. Conficker was built with encryption pirated from an MIT researcher and has the ability to circumvent anti-virus programs.

This level of technology has the ability to slip into external hard drives, thumb drives and any memory based peripheral. When that same peripheral is plugged into another PC, that PC is also infected.

Many PCs in Asia have rogue versions of Windows, and are largely unpatched due to Microsoft not allowing updates.

Update your Microsoft Windows ASAP. Make sure you have up to date Internet security software, such as McAfee. Stay away from rogue websites and be careful what you click.

As stated in a previous post, Microsoft offered a global bounty for the arrest and prosecution of whoever created and released the Conficker virus.

Even with the security community vigorously trying to defend PCs globally, in early March, millions of Conficker-infected PCs were upgraded into a peer to peer network, which makes the botnet even more dangerous by giving each infected PC commanding authority over others. This means that every PC has the capability of running every other PC on the botnet.

The anticipation among researchers leading up to April 1st is much like that which was felt prior to midnight on December 31st, 1999. The Y2K ”bug” was considered a ticking time bomb for all major computer applications.

Much has been done to avert a Conficker disaster, but nobody knows for sure what will happen. April 1st is a day of foolery, but this year it may also be a major breakthrough for hackers, good or bad, to see who is top dog.

See Robert Siciliano, identity theft speaker, discussing viruses in peripherals here.

I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.

Recession Turns IT Workers Into Hackers

Robert Siciliano Identity Theft Expert

What a nasty headline for an article.

From ABCnews.com the journalist roasts IT professionals on a spit. And the comments were all inspiring.

As the recession rears its ugly head, disgruntled ex employees are in the best position to drop a bomb in the companies network or suck all the data out with a few terabyte drives.

A recent study by McAfee and Purdue University put the tally of fraud, data loss and damage done at 1 trillion dollars. A thousand billion sounds like a lot of money.

To paraphrase some of the comments;

No matter how you look at it, when heads start to roll, most people that are about to be let go feel unjust and express hostility towards the employer (often, rightly so). These are the same people who were loyal company employees for years. Unfortunately, these are no win-win situations when it comes to the downsizing and companies should take proper actions to address it.

Your system admin is the gate keeper. Anyone who has access to sensitive data can potentially abuse the privilege. The loan officer, the loan processor, the secretary, the human resources gal two cubes down the hall, the cleaning people that take out our trash at night… Without proper controls in place anybody can be the bad guy. On the other hand, with adequate management these issues can be avoided, even when it comes to IT employees.

Manage your end points, your USB devices, your computer ports, your printers… Segregate your system administration roles. Tools are there. And who is going to implement them? Your IT guy. (thank you Sashimi11)

With the incredible amount of layoffs occurring, companies are bound to layoff an employee who will exact some revenge. Some say “Companies whose knee-jerk response is to cut costs by canning employees deserve some wrath”. But, in the end, the wrath doesn’t get you your job back. (thank you Patches777)

Most are working individuals, doing what they do best. All the while staying under the radar, and afraid, just like everyone else, of the threat of layoffs. The latter doesn’t mean an internal flip is switched and they bug out and start stealing trade secrets. (thank you kyleratliff)

On another note, as budgets are cut and IT pros are let go, the show must go on.

Bill Lynch of RazorThreat said to me “We are encountering lots of very frustrated CIO’s who are caught on the horns of a dilemma…their IT budgets and headcount are being slashed but their CEO’s are simultaneously demanding that they reassure them and the Board of Directors that they are not vulnerable to the same kinds of cyber attacks that have plagued some big firms lately.

They know they cannot afford to buy complex, expensive and difficult to deploy new security software and the people to manage them and yet they have to stand before the Board and profess that their networks are secure”.

The fact is, data breaches will continue and IT will often be to blame. There is a light at the end of the tunnel. There are numerous technologies that won’t break the bank and will keep the BOD happy. Companies have to consider numerous threats of theft and mayhem. Review security policies and who has access to what and why. In the end make sure employees are let go with dignity and respect.

Robert Siciliano Identity Theft Speaker discussing Credit Card Fraud Here