Thursday, October 30, 2008

Cybercrime rises as markets fall

Recent data published by Panda Security shows a direct correlation between the instability of the stock market and a dramatic rise in cyber crime.

According to Jeremy Matthews, head of Panda Security’s sub-Saharan operations “When we began looking into the specific effects cyber-criminals had on the economy during times of duress we found a startling connection: the criminal economy is closely interrelated with the global economy.”

He says that based on extensive research and analysis done by Panda of emerging malware patterns, they believe that criminal organisations are closely watching market performance and adapting as needed to ensure maximum profit.

Some of the key findings include:
• On average, the US stock market experienced between a 3 to 7 percent decline from Sep 1 to Oct 9. However, activity on the “malware markets” was the opposite: it grew substantially as the stock markets declined.
• From Sep 5 to 16, the Dow Jones Industrial Average, NASDAQ, S&P 500 and Composite Index all dropped from the plus 0.0 percent range to approximately negative 3.0 percent or lower. In the same period the Spanish IBEX 35 index and the London FTSE 100 also suffered major losses. The same timeframe witnessed a significant surge in daily malware threats; for example from Sept. 8th to Sept 10th the volume of daily threats grew from 10 150 to well over 24 000.
• From Sep 14 to 16, stock markets dropped from -0.5 to -5.5 percent while daily threats grew 50 percent each day, from 8 276 on the 14 to over 31 404 on the 16th.

Panda Security has provided the following diagrams to better illustrate this correlation (please click on images for a larger version).


Fig.1 – Stock market evolutions (Sep 1 to Oct 9) – source: moneycentral.msn.com



Fig.2 – Threat evolutions with key highlights (Sep 1 to Oct 9) – source: PandaLabs


According to Panda Security, there is an increase in adware and there has been a dramatic surge of fake anti-virus software scams lately. Now is the time to be more vigilant and more suspicious than ever before. It is evident that cybercriminals will stop at nothing to get your money, especially in desperate situations. Please be careful!

Friday, October 24, 2008

Tuesday, October 14, 2008

SecTor 2008

This year’s SecTor was simply amazing and had a great turn out. It featured a number of great talks by presenters such as Johnny Long who discussed “no-tech hacking” and HD Moore on "MetaSploit Prime". Everything was extremely well organised by the very accommodating SecTor team.

Our training went great, and we would like to thank everyone who attended our training and for their feedback. Last but not least, a huge thanks to Brad 'RenderMan' Haines for helping out with the training!

Wireless hacking gets more interesting…

Russian hackers have discovered a mode to accelerate Wi-Fi decryption by using an NVIDIA graphics card, although no one seems to be clear which one is being used.

Apparently, it cracks passwords much faster than the usual methods. Although some sources cite that these type of new hacking techniques focused on wireless technology could see a move back to a wired network connections, I sincerely doubt that.

The nature of the technological advancement beast ensures that we are always moving in a forward direction – and never backwards. Besides, people tend to ignore security issues where convenience plays a factor.

In any case, suggestions are being made to apply tighter VPN controls, so you can always start there.

If anyone is interested in learn more about wireless hacking, you can contact me on ilva@telspace.co.za for more details on Telspace’s Bluetooth and Wireless 101 training.