Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Managing Cyber threat – collaboration delivers but sends a warning of complacency

Craig Richardson, CEO Wynyard Group | April 10, 2015
While collaborative law enforcement operations can help prevent the spread of malware, organisations themselves still need to change their approach to deal with threats that infiltrate their networks without them even knowing.

This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.

It's increasingly acknowledged that advanced cyber threats are an unsolvable problem and that managing those threats and attacks is a responsibility shared and managed by all -- the public sector, the private sector, and the general public.

Evidence that governments around the world are taking a step towards improving the defence of our businesses and critical national infrastructure through collaboration is starting to show, as outlined in recent high-profile cases.

Collaboration from around the world includes the South Korean government which was host to the Seoul Defence Dialogue, with Mr BaekSeungjoo, the Vice Minister of National Defense, proposing to establish and organization for cyber cooperation. The forum, attended by senior defence officials from 24 countries including Australia, Brunei, Cambodia, Canada, China, India, Indonesia, Japan, Korea, Laos, Malaysia, Mongolia, Myanmar, New Zealand, Philippines, Singapore, Thailand, and Vietnam, saw one of its four sub-sessions dedicated to cybersecurity cooperation and international norms.

In the United Kingdom, the National Crime Agency which leads the UK's law enforcement's fight against serious and organised crime, has led a major European operation to tackle malicious software (malware) which is known to have infected around three million computers around the world.

The Agency's National Cyber Crime Unit (NCCU) worked with law enforcement counterparts in the Netherlands, Italy and Germany, co-ordinated through Europol's European Cybercrime Centre (EC3), to shut down command and control servers used by a 'botnet' network of infected computers to run the scheme.

This botnet, named RAMNIT, spread malware via seemingly trustworthy links sent out on phishing emails or social networking websites. If users running Windows operating systems clicked on the links, the malware would be installed, infecting the computer.  These computers becoming under the control of criminals, enabling them to access sensitive information, personal or banking information, steal passwords and use the computer to circulate further spam messages or launch illegal attacks on other websites.

Across the globe, the U.S. State Department, the Department of Justice, and the FBI recently announced a reward of US$3 million for information leading to the arrest and/or conviction of Evgeniy Mikhailovich Bogachev, currently one of the FBI's most wanted-and most prolific-cyber criminals, for his alleged involvement in a major cyber racketeering enterprise.

Bogachev, thought to be at large in Russia, has been under indictment in the U.S in connection with his alleged role as administrator of the GameOver Zeus botnet, believed to be responsible for the theft of more than $100 million from businesses and consumers in the U.S. and around the world. GameOver Zeus was an extremely sophisticated type of malware designed specifically to steal banking and other credentials from the computers it infected by either secretly logging keystrokes for passwords or creating false webpages where victims would unwittingly enter banking information and passwords.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.