The Life of a Cybercrime Investigator
An anonymous reader writes "Steve Santorelli gets computing experts and law enforcers to cooperate in a global fight against organized Internet crime. This article talks about the role of law enforcement in identifying and battling online threats as they change and evolve. Quoting: 'The common wisdom about hacking and cybercrime is, in Santorelli's view, severely out of date. He says cybercriminals aren’t lone wolves; they are financed and directed by international criminal syndicates. ... Organized crime also has vast resources derived from its traditional operations to finance the hiring of quality hackers around the world. There is even evidence that some syndicates are investing in research and development, looking to create proprietary, next-generation hacking tools, Santorelli says.'"
Problem is people (Score:1, Insightful)
This is why the problem isn't Windows. These people will do whatever is necessary to make profit. Linux would be just as well targeted if it had the same market share and amount of stupid people. Windows as an OS is secure, especially Windows 7, but there's nothing you can do about user stupidity unless you close down the whole OS. And is that something we really want to happen, locked "consoles" for everyone?
It's coming (Score:2, Funny)
And is that something we really want to happen, locked "consoles" for everyone?
It's already here and it's called iOS: iPad, iTouch, and iPhone.
Re: (Score:2)
And the people who use them always love to say "well if everybody just used Apple nobody would have viruses."
Nevermind the fact that the moment this happened, even those devices would be targeted by a ton of remote-rooting attacks.
Re: (Score:2, Insightful)
Look, the cause is stupid people. But you cannot fix stupid people. So what to do?
Re: (Score:2)
It's a valid discussion though, or at least the way it would go if done by separate people. We've been there dozens of times already on Slashdot.
Re: (Score:2)
People need the ability to install freeware, shareware, commercial, their friends apps or their own apps and so on.
Oh please- you've been able to do that for years in package managers. It's easy to add software to a repository list giving you the ability to install a package your distro doesn't provide for whatever reason. Some software gets bundled in executables which work just like in Windows (e.g. America's Army [ubuntu.com]).
Security-wise, the useful difference is that this process is not as ingrained in a brain-dead way that you routinely download an exe you shouldn't be trusting and reflexively click "Next" five times. Th
Re: (Score:2)
If Linux was mainstream OS, that wouldn't work. People need the ability to install freeware, shareware, commercial, their friends apps or their own apps and so on. Look, the cause is stupid people. But you cannot fix stupid people. So what to do?
Hey, they can compile that stuff in ~/local/src/ and install it in ~/local/lib/ and ~/local/bin/ etc... I used to do that all the time back in school. It's just a quick ,cd app, sh configure --foo --bar, make, wget dependency1, tar zxvf dep1.tgz, cd dep, sh configure --foodep1 --bardep1, make, make install, cd app, make, wget dependency2, unzip -t dep2.zip, mkdir dep2, cd dep2, unzip dep2.zip, sh configure --foodep2 --bardep2, make, make install, cd app, make, wall IT_COMPILED, make i
tar jxvf app.tar.bz2
Re: (Score:1)
And this is why anyone with half a brain doesn't want to waste their time fucking around with Linux.
Re: (Score:2)
I call bullshit. Show me where Apple is making such claims.
Re: (Score:2)
Here you go, right from Apple's core. [apple.com] Notice how they say "Mac OS X doesn’t get PC viruses. And its built-in defenses help keep you safe from other malware without the hassle of constant alerts and sweeps."
Of course Mac OSX doesn't get PC viruses. Tim, don't you think that statement is just a little bit intentionally misleading? Be honest.
Re: (Score:2)
The statement "Mac OS X doesn't get PC viruses" a) doesn't make either of those claims and b) is absolutely true.
Intentionally misleading? Not to me and apparently not to you. So who would be misled by it?
Re: (Score:2)
People buying mac personal computers because advertisement says it can't get personal computer viruses.
Re: (Score:2)
What, other than a PC [wikipedia.org], does Mac OS X run on?
Re: (Score:2)
Tim, with all respect that's the wrong answer. The more accurate answer would have been, "I didn't know Apple was claiming that OSX was impervious to viruses".
Seriously, I'm going to repeat the link here: where Apple says, "With virtually no effort on your part, Mac OS X offers a multilayered system of defenses against viruses and other malicious applications, or malware." [apple.com] The headline on that page says, " Mac OS X doesn’t get PC viruses. And its built-in defense [apple.com]
Re: (Score:2)
I call bullshit. Show me where Apple is making such claims.
How about on their website [apple.com]?
Mac OS X doesn’t get PC viruses. And its built-in defenses help keep you safe from other malware without the hassle of constant alerts and sweeps.
... which of course everyone reads as
Mac OS X doesn’t get viruses. And its built-in defenses help keep you safe from other malware.
Re: (Score:2)
As I explained above, divxio's statement is
Neither of the quotes you cite make such claims.
Re: (Score:2)
After all, the definition of "is" is changeable depending on context.
Re: (Score:2)
Off the top of my head, all Apple says is that it doesn't get PC viruses. http://www.youtube.com/watch?v=sdF5IsyOxU4 [youtube.com]. "There are a 114,000 known viruses for PCs." "PCs, not Macs." If a customer believes that means Macs don't get viruses or malware, it's their own fault. Right? Though...
"A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part."
http://www.apple.com/why-mac [apple.com]
Re: (Score:1)
While there are remote exploits [notably, the PDF one with the original iPhone v1.0], most of the jailbreaks are not 'remote' in that you need to have the physical phone with a hardware connection to a computer running the jailbreak software.
Re: (Score:2)
As a geek who gets a call every time a family member's PC so much as has a popup - YES!. Locked consoles for everyone, please.
Re: (Score:2)
This is why the problem isn't Windows. These people will do whatever is necessary to make profit. Linux would be just as well targeted if it had the same market share and amount of stupid people. Windows as an OS is secure, especially Windows 7, but there's nothing you can do about user stupidity unless you close down the whole OS. And is that something we really want to happen, locked "consoles" for everyone?
Not entirely true. Linux isn't a single OS; there are many different distributions, and these variations cause a problem with exploiting flaws. The uniformity of Windows and its popularity make it a good target.
Re: (Score:2)
We have that in devices, and attempts like ChromeOS are likely going to bring that to the desktop.
There is a big push to take root/Administrator away from the end user, for a number of reasons:
1: Joe Sixpack users won't be installing Trojans.
2: The hardware can not have features enabled.
3: OS updates are controlled, and it is easy to force users to get new equipment if they want to use apps with a new OS version.
4: Features can be disabled at will, like OtherOS.
5: Un-uninstallable "branding" can be add
Not just criminal syndicates, governments too (Score:3, Interesting)
Much of the hacking now is government-sponsored too. China, Israel, the U.S., and Russia have all been allegedly involved in this for some time (probably a lot of others too). Stuxnet [wikipedia.org], theft of Google source code [wired.com], you name it. Seems like everyone is in the cybercrime (or cyberwarfare if you want to stick a more polite euphemism on it) business these days.
Governments rule the crime roost (Score:1)
No. Government militarization dates back to 1990s (Score:4, Interesting)
I personally observed at least six or seven countries' military domains looking at one of my sites in the late 90s which focused on then unrealised methods of remote operating system fingerprinting (many of which were ICMP-based, and not implemented publicly until years later). As well as many parts of the US military, there was (South, obviously) Korea, Japan, and Germany I believe. Of course, back then they were happy to browse from a .mil.* IP; these days none of them would do that. Australia used to have a lot of network warfare information up on the DSTO website; there's less these days, however they are still a good source for the multi-military JWID events (Joint Warfare Interoperability Demonstrations), a regular compatibility-of-command-and-control event that involves many western militaries. The trend I have seen thus far is for government/military to co-opt hackers through establishing corporate fronts, usually led by an otherwise-reputable hacker who is on the take or convinced to 'help the country' with nationalism. They also pay hackers with basic community cred as informants, and send them to security-related events all around the world in the hopes of acquiring actionable intelligence. We all need to be very careful who we give information to. Furthermore, the increasingly commercial development of some areas of our industry (open source intelligence gathering / computational linguistics / passive traffic analysis + surveillance / video surveillance systems) is strongly contributing to the further degradation of society into a 1984-like situation. The best thing we can do as people is to avoid the allure of money and refuse to work in these areas, whilst publicly pointing the ethical finger at those that do.
In other words, the government turns hackers into? (Score:2)
In other words, the government seeks to turn hackers into informants aka stooges?
What isn't known is how the government gets them to do that without paying them any money. Threats? Help us or Gitmo? Why would any hacker want "community cred" as an informant? And why would a hacker risk their lives for free? Patriotism?
That being said, these hackers would be informing or working for the mafias and others if not the government because the mob runs a protection racket just as the government does. But what you
Re: (Score:1)
The only problem that I see with a security career is that I imagine you would almost have to be a grey hat these days to be truly effective in the field (though I'm sure there will be no shortage of white hats who would disagree). Hacking is getting pretty sophisticated, and it would always annoy me to be handicapped by the fact that I could never even skirt the law (much less break it) in trying to keep up with the latest techniques. This is unless you actually work for law enforcement, of course, in whic
JPMorgan Chase, GS & Morgan Stanley (Score:1)
Re: (Score:2)
1. Investigate cybercrime
2. ???
3. Profit
#2 is mostly filled with commenting on
Re: (Score:1)
lulz.
Re: (Score:3, Funny)
No, but they have 3 beautifully-handcrafted fake "1" licenses and they are about 1/7th of the way through the artwork of a 4th.
Some lone wolves still (Score:3, Interesting)
Although all of the powerful crackers know others, some of them truly are lone wolves. For instance, The Jester (th3j35t3r) with his Xerxes botnet. He doesn't claim any affiliation AFAIK and is a self-proclaimed former military hacker. I always wondered if they give him a pass because he helps with other things, like taking down Islamic-jihad websites, which he's known to do. No man is an island after all and he definitely has connections. But still he seems to be the "lone wolf" acting with impunity at times.
And that's just one of many that have never claimed a group affiliation and seem to be driven more by underground fame and rage than money or crime.
Re: (Score:3)
Don't usually post to my own comments but a correction - he is self proclaimed former military and served in Afghanistan. He never claimed he hacked for them AFAIK.
Best/Worst part of the article (Score:3)
Santorelli has devoted his career to identifying, tracking and apprehending cybercriminals in a new cyber-environment in which police chases are clocked at light speed and villains drive on a global superhighway congested with 1.8 billion law-abiding commuters.
LMAO! XD
Lets stay positive.. (Score:1)
Re: (Score:2)
They're already doing that with criminal clearing houses and exchanges. We just have to stay one step ahead of them and pay the best hackers to "white hat" for us. That's the key. We need our own heavy hitters that can skirt the fine line.
We noticed (Score:5, Informative)
Most were pretty crummy code, at least by our standards, though there were a few interesting tricks, like pushing data on the stack and then doing a return to get a goto to happen, often into a system function.
All of a sudden, things got better or worse, depending on your POV. The stuff we were capturing suddenly changed, a lot - it was well written, well obfuscated, and tricky stuff -- we even got a cool idea or two from it, and the new stuff was much smaller and made better use of the system API to do nearly all the work -- none of the obviously malicious code was in the virus itself, just system calls with destructive parameters. This would have been around the 2006 timeframe.
It was obvious that someone had started putting money into the game, or for whatever reason the quality of the crackers had suddenly gotten a heck of a lot better, which usually implies the former. Real talent.
To the fanboi who said "it's not windows", sorry pal. Might have been true once, for bot farms and so on, that need volume. Today's cracking is financially based, and much more targeted. And most machines that deal with tons of money aren't running windows -- after being burned a few times, you think the financial business has any loyalty to the guys in redmond? Or anyone at all, for that matter? Linux is just plain more difficult to crack, and more proactive about patching when possible vuln's are discovered. Anyone who looks at the flow of updates to Ubuntu and how many of them "fix a possible security bug" knows this. Many bugs that would have been zero-day exploits are fixed before anyone has put an exploit out for them at all, just by doing some fairly obvious code analysis, looking for ways to overflow allocations and such.
Could be windows guys do that some too, but since they long-delay even well known holes, and you can't see what is in those closed source, uncommented updates, (sometimes there's a KB entry, but not always and always little detail) how could you prove that? I don't think you can.
financed ... by international criminal syndicates (Score:2)
they are financed and directed by international criminal syndicates
This is the part I don't understand, or maybe it's a troll indicator.
So.... I've seen all the movies. You wanna buy $100K worth of coke in Colombia to sell in the USA for $500K. But you don't have $100K. So you get a very special loan, with some very special terms, etc, from some dude in Colombia. That's financing by an international criminal syndicate.
How exactly does an international criminal syndicate finance hacking? How much money has to be fronted to get a .torrent of visual basic or whatever, on a
Re: (Score:1)
Just because the information doesn't get tweeted and dissected in main tech-media, it doesn't mean that there aren't real mafia-like crime syndicates around.
There are real criminals, with real organization, who collect 'protection money' just like you've seen in mafia documentaries and movies.
You do not have a choice but to pay up and be quiet. If you had an online business, say a betting site, which generates considerable amount of money on hourly basis and you would find yourself DDOS'd with the option t
Have been teaching that for a long time... (Score:2)
It should be no surprise to anyone in the IT field, but I can see how there might be a big disparity between contemporary IT thought and the knowledge held by law enforcement units around the c
Fraud By Net (Score:2)
Probably the largest amount of criminal activity comes from women on dating sites trying to scam men into sending money to enable travel to the man. If the government gets serious, millions of American women could get severe prison sentences for that game. In law it is not so difficult to offer proof that a woman has promised to travel to live with 75 different men all over the world on the same day and taken money from many of them.
This is an issue like stealin
Apples and papya? (Score:2)
bicycle thieves rarely use shotguns to execute their crimes...
Where to send my CV (Score:3)
Organized crime also has vast resources derived from its traditional operations to finance the hiring of quality hackers around the world.
How do I get in on that?
Re: (Score:1)
1. Move to Eastern Europe
2. Learn to speak Russian and Moldavian
3. Tell everyone you meet you are a super 1337 h@x0r
4. ???
5. Profit
6. Get arrested and prosecuted locally.
7. Accept slap on wrist
8. Profit
It's the Hollywood! (Score:2)
Look, I know who they are, the bad guys. Haven't you noticed in every Hollywood movie that features a hacker, they use totally different hacking tools than what we see normally? Those Matrix-like, futuristic hacking scenes allow a mediocre hacker to crack DoD mainframes in like 15 seconds with a gun pointing to his head! Un-Be-lievable! Oh, and don't forget that they all use Macs. I don't have any proof that is related, but Steve Jobs is on some big freaking studio's board.
Re: (Score:1)
Haven't you noticed in every hollywood movie that features a hacker, they use totally different hacking tools than what we see normally? Those Matrix like, futuristic hacking scenes allow a mediocre hacker to crack DoD mainframes in like 15 seconds with a gun pointing to his head!
You mean like in that movie 'The Matrix Reloaded', where Trinity uses nmap [youtube.com] to find an exploitable SSH server? Insultingly infeasible.
Is this like the Cyber Police? (Score:2)
I hope no one out there dun goofed!