1. Desktop Security
How to protect our desktop computers
Security4all
Information Security Consultant

3. The unsinkable ship

4. Today’s Agenda
• The risk landscape
• The effectiveness of our technology
• Possible countermeasures

5. Know
your
Risks

7. Motivations evolved from play to
business
• Revenge
• Extortion
• Competetive Sabotage
• Industrial espionage
• Political Activism
2001 2003 2005 2007
Political/Main
Experimental Extortion For Hire stream
2002 2004 2006

8. “heike”
黑客

9. N.C.P.H.
“For-profit” Hacker group
玫瑰
Wicked
Rose
Source: www.mghacker.com

10. $242 (1,967 RMB)

11. $625 (5,000 RMB)
+150%

12. Table: Breakdown of goods available for sale on
underground economy servers
Source: Symantec Corporation
Rank Item Percentage Range of Prices
1 Credit cards 22% 0.50$ - 5$
2 Bank accounts 21% 30$ - 400$
3 Email passwords 8% 1$ - 350$
4 Mailers 8% 8$ - 10$
5 Email addresses 6% 2$/MB – 4$/MB
6 Proxies 6% 0.50$ - 3$
7 Full identity 6% 10$ - 150$
8 Scams 6% 10$/week
9 Social security 3% 5$ - 7$
numbers
10 Compromised 2% 2$ - 10$
unix shells

14. Russian Business Network
• Mpack
• Storm Worm
• Phishing
• Banking Trojans
www.bizeul.org/files/RBN_study.pdf

15. Titan Rain

16. November 2007
concentrated campaign of
cyber espionage against UK
businesses

17. November 2007
160GB

18. March 2008

19. The technology

21. Virus
scanners

22. 11 October
MS07-60

23. File .doc received on 23.10.2007
Result: 10/32 (31.25%)

24. File .doc received on 10.02.2008
Result: 11/32 (34.38%)

25. Report: All Your iFrame Are Point to Us (11 February 2008)

29. Firewalls

30. Firewalls are not security
devices, they are more
for network hygiene

31. DNS tunneling

33. Patching

34. 55 Days
16 January
11 March

35. Don’t forget to patch these !
• Macromedia Flash
• Acrobat Reader (PDF)
• Sun Java
• RealPlayer
• Apple Quicktime

37. Encryption

40. Countermeasures

42. quot;A false sense of security, is
worse than insecurityquot;
- Steve Gibson