Cybercrime: medium-term outlook
description
Transcript of Cybercrime: medium-term outlook
Cybersecurity threats: medium-term outlook
Dr Ian Brown
Oxford University University College London
Outline
• Recent DDoS attacks and extent of the threat• Other cybersecurity threats to global financial
services• Impact on global firms, feasible solutions or
precautions• Future outlook for Internet security
Definitions
• Distributed Denial of Service (DDoS)• Botnets• Phishing (spear, rock, pharming)
DDoS threat
• ~5% machines part of BotNets (20m)• Rent your own! 3-7c/machine/week
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
DDoS extortion
• Market participants - custom virus writers, bot herders, mafias
• Gambling companies have been hardest hit, but other industries also targeted
• No “silver bullet” technology solutions available in medium term
Recent attacks upon Estonia
• Sustained DDoS attacks during April on Estonian govt websites, banks and telecoms
• Russian govt widely blamed, but no evidence
• Govts undoubtedly have such cyberwarfare capability - China
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Phishing
• Symantec alone blocking 8m e-mails daily in 2006• Similar criminal ecology to DDoS - custom virus writers, botnet herders, site operators,
spammers, mules
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Source: Anti-Phishing Working Group May 2007 report. 96.6% of attacks are on financial services insitutions
Scale of phishing threat
• UK online banking losses £33.5m in 2006
• US losses estimated $2bn• Theft being supplemented
by more sophisticated scams such as pump-and-dump, cut-outs
UK online banking fraud
0
10
20
30
40
2004 2005 2006
£m
Data: House of Lords Personal Internet Security report (2007) p.15
Taking down the phishers?
• Targeted financial services institutions can ask hosts to take down sites
• Some hosts still unresponsive
• Phishers moving to botnet hosts and more sophisticated frauds (escrow, “sales reps”)
QuickTime™ and aTIFF (Uncompressed) decompressor
are needed to see this picture.
Source: R. Clayton & T. Moore (2007)
Redistributing liability
• House of Lords concluded liability must be shifted to some combination of software vendors, ISPs and financial institutions
• Intended to lead to innovations such as RBS off-line consumer card terminal
Conclusions
• DDoS, phishing and other attacks are merging into an Internet criminal economy
• Financial services vulnerable both to direct attack and as guardians of customer assets
• Security opinion leaders moving to liability redistribution as key solution - could be new insurance market and concern for banks