
Money: The Root(kit) of Cyber Evil

16/05/2013 16:04 BST | Updated 16/07/2013 10:12 BST

If anyone is in any doubt as to the motivation of cybercriminals, they should look at the case currently going through the courts in the U.S. of a gang who allegedly drained the cash from two Middle Eastern banks by apparently hacking into credit card processing firms and withdrawing money from ATMs in 27 countries.

In one of the two alleged attacks, the gang took £26m ($40m) in just 10 hours!

While pictures of the alleged ringleaders apparently showing them with some of their ill-gotten gains are alarming, what they do show is the huge amounts of money that criminals make from their activities.

If anyone was still in any doubt about the 'professionalism' of cybercriminals, they would do well to look at this case and many others in the public domain. What has been clear for some years to those of us in cyber security is that cybercriminals are well motivated, well equipped and well skilled to make huge amounts of money through their illegal activities.

Indeed, today's cybercriminal gangs are so well organised that they often buy "off the shelf" rootkits and software to carry out their activities. Often this software comes with manuals, 24/7 tech support and, in extreme cases, even advertising! They also make use of the Internet to gather a worldwide "distribution" network to deliver their attacks, either physically or online via botnets. In this case the gang hit 27 countries almost simultaneously!

Of course, losing cash is not the only risk companies face from cybercrime; many high-profile attacks on major brands have seen their reputation and stock price damaged by breaches of sensitive information. And while many in the industry readily understand the risk, some at board level in business seem to live in a kind of denial.

Before we blame them, however, maybe we should appreciate their situation. Year after year they hear from analysts and observers how security is vital, and so they write cheques for the newest and best technology in security to protect their businesses.

But unfortunately, in today's security world this is not enough. Building up the walls and layering defences will stop some of the attacks, but such is the resourcefulness of the cybercriminals that they will get in. So today it is a matter of being able to track how a network was compromised: how the malware got in, where it went once inside the organisation, and what it did, even if it did all of this days or weeks ago.

Security has changed: there is no silver bullet, as some of the senior management in those banks have unfortunately discovered.