Cyber fraud trends and mitigation

Security workshop / 3rd COLARIS

Tuesday — October 16th, 2007 15:50

Phishing Trojan horse programs are not traditional bots, but sophisticated and original pieces of malicious code. Since iDefense began tracking this technique in May 2006, attackers have quietly seeded dozens of variants into the wild to target at least 30 specific banking institutions. These attackers had intimate knowledge of each targeted bank’s Web infrastructure and built a sophisticated command-and-control system that completely automated the attacks. The authors believe that criminal organizations are using these phishing Trojans to compromise millions of bank accounts across the globe. These phishing Trojan attacks can defeat sophisticated authentication schemes that security experts previously thought rock solid.

This presentation discusses which mitigation techniques work and which fail in light of these new malicious code attacks. The audience will be given an overview of malicious code attacks against the financial infrastructure and an introduction to banking authentication schemes. The presentation also includes cyber fraud detection and mitigation strategies.

Mr. Thomas heads the iDefense Malicious Code Operations Group, responsible for the active collection of open-source intelligence, and for the reporting and analysis of public reports and outbreaks of malicious code. Mr. Thomas also directs the malicious code research lab at iDefense, which is tasked with the development of tools for discovery and analysis of malicious code and related threats. Before joining iDefense, Mr. Thomas worked as Principal Computer Forensics Consultant in several data acquisition and litigation support projects and served as expert witness in federal court. Early in his career Mr. Thomas designed hardware and real-time software in the controls and digital television sectors before turning his attention to enterprise software. A Certified Lotus Specialist, he has expertise in e-mail archiving, document imaging, Siebel, SAP and Oracle Applications. Mr. Thomas holds a Master of Science degree in Electrical Engineering from the University of Dortmund in Germany.

Presenters

  • Ralph Thomas (VERISIGN iDefense, US)
