Undermining The Underground
Researchers at Carnegie-Mellon are hoping to leverage “honor among thieves” to disrupt the booming underground market for malware, compromised data, and vulnerability exploits. If you have ever shopped on eBay you are probably familiar with the concept of feedback and the need to build a solid reputation so that others feel confident that they can do business with you without fear of being scammed or duped in some way. Well, even in the seedy underground of the computer security black market the hackers, thieves and ne’er-do-wells have to establish themselves as reliable sources of illegal and malicious materials. According to this article in The Register, researchers are planning a pair of techniques aimed at undermining and disrupting the ability to establish or rely on users’ reputations in the underground black market.
I don’t have much faith in this solution. Yes, there is some “honor among thieves”. And, yes, the proposed approach may disrupt some business. But, the criminal underground is much more resilient than that. I don’t think it will take long for them to innovate some other means of establishing their identities and reputation, or circumventing the underground process altogether in favor of more of a “friends-and-family” peer-to-peer approach. Rather than trading on the open market, the underground can simply create a system similar to say LinkedIn.com that lets users build a circle of friends and link to others in a sort of 6-degrees-of-separation method that lends credibility to those in a given network.
October 20th, 2007 at 8:07 am
IF THERE WERE A BLOG SITE THAT POSTS ALL OF THE HIDDEN VIRUSES THAT HAVE BEEN DISCOVERED AND THIS IS POSTED FOR OTHERS SO THEY COULD KEEP UP TO DATE AND PROTECT THEMSELVES THEN EVERYONE WOULD BE A LOT BETTER OFF. THERE IS NO HIDDEN AGENDA JUST WEEL KEOT SECRETS THAT CAN BE DISCOVERED. SOME HACKERS HAVE HELPED WITH SECURITY SINCE THE 9/11 ATTACK. WE COULD USE THESE SOURCESW AND FIND OUT MORE.
October 24th, 2007 at 6:22 pm
Tony – I totally agree with you here. I also read these articles talking about Social Engineering and attempts to disrupt the “credibility system” among criminals and dont feel its the right approach.
This will definitely not stop the problem , the issue of credit card theft and selling of this property will still continue. I think “cyber law enforcement” needs to consider a more direct and effective approach.
To that end there are companies that are offering “Kill services” to known phishing sites. These firms establish relationships with ISP’s and when a suspect site is located – they work with these organizations in taking them “off the air”.
One such firm is Internet Identity which apparently works in conjunction with Microsoft and when a bad site is located, they add this to the phishing filter being used with IE v7x. Aside from this they contact pertinent ISP’s to “down” this site.
I think this type of solution will be more effective in helping to stem the tide credit card fraud and subsequent criminal sales online.
JV
http://www.securasys.net