By Kim Zetter
April 22, 2009
SAN FRANCISCO -- Cybercriminals have become industrialized to increase
their effectiveness. They are increasingly using encryption to cover
their tracks and prevent forensic investigators from recovering
evidence, according to Joe Stewart, security researcher for SecureWorks.
Stewart, speaking at the RSA Security Conference in San Francisco
Wednesday, said the criminals are using virtual private networks to
siphon stolen information from hacked companies so the stream of exiting
data often goes undetected by the victim. They've also wised up to
encrypting their hard drives so even when they're captured by
authorities, evidence stored on their computers can't be cracked.
Lawrence Baldwin, a security consultant and operator of MyNetWatchman,
who spoke on a panel with Stewart, described malware-distribution
services that help malicous-code creators infect machines with viruses
and keystroke logging programs. The entrepreneurs behind the
distribution services control legions of hacked computers corralled into
botnets, and charge customers (other hackers and spammers) for the
privilege of running their own malware on the hacked machines.
The going rate for infection distribution varies from $5 per 1,000
computers in Asia to $130 for 1,000 installations in the United States.
LayerOne 2009, Information Security for the discerning professional.
May 23-24 2009 @ The Anaheim Marriott in Anaheim, California
Visit http://layerone.info for more information