ADN Issue 7, June 2014

Contents

Cybersecurity: The Game is Over: GameOver Zeus Botnet

GameOver Zeus Botnet Disrupted
FBI
FBI, June 2, 2014
On June 2, 2014, the Department of Justice and the FBI announced a multinational effort to disrupt the GameOver Zeus botnet, believed to be responsible for the theft of millions of dollars from businesses and consumers in the U.S. and around the world.

Also announced was the unsealing of criminal charges in Pittsburgh and Omaha against alleged botnet administrator Evgeniy Mikhailovich Bogachev of Anapa, Russian Federation.

Tags: Cybersecurity, Encryption

Global Effort Disrupts GOZeuS Botnet, CryptoLocker; One Indicted
Sara Peters
InformationWeek, June 2, 2014
An international public-private collaboration involving security companies and law enforcement agencies in 11 countries aims to disrupt the underlying infrastructure of the cybercrime industry.

The US Department of Justice announced global collaborations today to disrupt the operations of the GameoverZeuS (a.k.a. GOZeuS, a.k.a. P2PZeuS) botnet -- responsible for hundreds of millions of dollars in bank theft and financial fraud -- and users of the CryptoLocker ransomware, which is often used in tandem with GOZeuS. It also announced a 14-charge indictment of a Russian man alleged to be an administrator of both GOZeuS and CryptoLocker.

Tags: Cybersecurity, Encryption

How Researchers Helped Cripple CryptoLocker
Kelly Jackson Higgins
InformationWeek, June 5, 2014
James, head of cyber intelligence at Deloitte Touche, had worked with the FBI on the case, providing intelligence from a sinkhole he and his team had built to capture CryptoLocker traffic. CryptoLocker has been on the radar screen of the law enforcement and security communities for some time, and the alliance of agencies and security researchers did some serious damage to the operation by disrupting the GameoverZeuS botnet that transports it, as well as by seizing the key command and control servers used with CryptoLocker.

Tags: Cybersecurity, Encryption

The Sixth Estate of Cyberspace: The Hacker Supply Chain
Tom Kellermann
Chief Cybersecurity Officer
TrendMicro, May 30, 2014
On June 5, the Cyber Security Summit will take place in Tysons Corner, Virginia; this is a unique high-level forum between the private sector, cybersecurity leadership and the U.S. government. The conference discussion will center on the need for greater information sharing regarding threats and technical indicators, the need for continuous monitoring, i.e. CDM, and migration to cloud computing. Many presentations will focus on the activities of the Chinese and nation state hacking. In the spirit of stimulating a more enlightened level of discourse, I would suggest it would be a travesty to ignore the Eastern European shadow economy.

Tags: Cybersecurity, Encryption

Russian Underground 101
Max Goncharov
Trend Micro Incorporated, Research Paper 2012
This research paper intends to provide a brief summary of the cybercriminal underground and shed light on the basic types of hacker activity in Russia. The bulk of the information in this paper was based on data gathered from online forums and services used by Russian cybercriminals. We also relied on articles written by hackers on their activities, the computer threats they create, and the kind of information they post on forums’ shopping sites.

Tags: Cybersecurity, Encryption, Internet

Castles to Prisons: Building a Super Max for Cybercriminals
Tom Kellermann
Chief Cybersecurity Officer
TrendMicro, June 4, 2014
On May 10th, 1940, the French realized the ineffectiveness of the Maginot Line against Nazi Germany’s invasion. We must accept the reality that perimeter defense is ineffective against the exploit kits, attack platforms and application-based attacks of today. Our traditional architectures and controls for cybersecurity are inadequate. As the recent Verizon Data Breach Report noted, most breaches are not discovered for at least 6 months. This damning reality necessitates a paradigm shift. As a community of white hats we must respect our adversaries and spin the chessboard. The proper strategy for your organization is to build a structure that inhibits the free movement of the adversary once they penetrate your system. We must transform our castles into prisons.

Tags: Cybersecurity, General
ADN Editor in Chief
Dr Toomas P Plaks

London