Nota Bene

A big hello from Munich!

More news, and this time I’d call it ‘The big Euro freeze’.

Europe is slowly icing over as a result of Siberian freezing weather blasting across the continent. Eastern Europe (Romania and Bulgaria) has been buried under meters of snow, the cold in Germany is bitter; in France it’s biting; England has also had its fair share and has cancelled a number of flights. I can only guess what is happening in Scandinavia and Poland. In Munich today it’s -9C, and it’s supposed to get down to -19C tonight, but the Bavarians are undaunted!

The photos are not mine, seeing as how I was at the Munich Security Conference all day. I’m a newbie here – I’ve never been involved at this level before (well, if you discount the London Conference on Cyberspace and Davos), but everything seemed to go well! I was on the roundtable, a few meetings and interviews. Here is my observations of the proceedings.

Read more: Big geopolitical players talk cyber security

Hi everyone!

The Russian parliamentary elections late last year and the ensuing mass protests against their alleged falsification have brought about a sharp increase in the level of polarization of viewpoints being bandied about on Russian-language social networks and online media.

Simultaneously with all this, plenty of the Russian online media were visited by a ghost – the ghost of DDoS (Distributed Denial of Service Attack) – in early December 2011. This led to brazen hacker attacks, with one after another Russian website going down, and several attacks occurring simultaneously. Some were organized using traditional criminal bot networks, but behind them, it sure seems to me, stood marginal political groups, since the victims of the attacks were the sites both of opposition groups (including the Communist Party) and also of the ruling United Russia party.

A second DDoS attack – in mid-December – was more sophisticated. To date we still don’t have any reliable information about its origin – that is, not technically (how they actually pulled off the DDoS), and not the people who ordered it. And I’m not sure we’ll ever get to the bottom of it.

But I won’t get bogged down here with theory.

Read more: Let me get straight to DDoS in action …

So, what do you think happens 250 billion times a day? Well, OK, it’s a rhetorical question, especially if you paid attention to the title.  But every day, in total, 250 billion spam e-mails are sent to inboxes all over the world. It sounds like a lot, but let’s be honest, does that number really shock you?

Next, try to define what you think of as spam. Most people assume it’s about Viagra, Nigerian letters and other pathetic, lame scams which jam up your inbox and slow down your daily business. But here’s the thing: spam is far more than just unsolicited ads. That Viagra offer is just the tip of the iceberg, while spam as a phenomenon is a crucial part of a huge cybercrime ecosystem. And the apparent “innocence” of spam is the illusion that I will be debunking here.

The technical foundations of the cybercrime ecosystem are botnets. These are huge clusters of computers infected with special Trojans (bots) that allow cyber crooks to remotely control these computers without their owners even knowing about it. That’s why experts also call botnets zombie networks – the computers are modified to obey cyber criminals’ commands as if they are zombies. Sometimes botnets can consist of millions of computers. For example, the notorious Kido (Conficker) botnet contained 7 million bots while TDSS had around 4.5 million bots.

How do they make money from botnets? The economics is quite simple here. Cyber crooks monetize the botnets in several ways including DDoS attacks, advertising services, phishing, data theft, etc. The picture looks something like this:

Read more: So, what is the big deal about spam?

Davos (and if you’re really with it, the stress will be on the second syllable).

What do people who follow the news know about this place? Yes, only from the news! Davos…forum, economics, politics, anti-globalization, police. The place bursts to life like a geyser on Kamchatka – not very often, but when it does, you know about it.

Well, I was here too. For the first two days as a tourist, then things get a bit more serious…

Read more: It’s a small mountain hamlet!

She has made it!!!

Read more: Who is she? …

A big hello from Austria!

This trip, not to mention this year, has got off to a very good start – we have been named AV-Comparatives’ Product of the Year!

Read more: Here’s my take on the world of AV testing …

Costin Raiu, one of our top generals in the war against malware, recently published an interesting post on the ten most significant events in the security field in 2011. I liked it; and the idea of a top-ten; so much so I decided to come up with my own. It mostly matches Costin’s report, but somehow this is a slightly different view. It’s not just regarding the past year – it’s a little broader: tendencies in the security market and about security in general. An “unofficial”, non-hoity-toity view of the important stuff – both that’s with us now, or that will be soon…

And so here’s my top-ten:

1. Hacktivism
2. Militarization of the Internet and Cyber Weapons
3. Social Networks and Politics
4. The Duqu Cyber-Bomb
5. Widely Publicized Hacks and Industrial Espionage
6. Certification Authorities: the Beginning of the End
7. Cybercrime: as Romantic as Sewage
8. Android Malware
9. Mac Malware
10. Intel Taking Over McAfee – Intel-ligent Move or Epic McFail?

Read More: And now in detail…

Howdy all!

A couple of Fridays back our friendly international team plus special guests had our annual Christmas & New Year work do! It wasn’t a Much Ado about Nothing. It was a Much Ado about ROCK! This year our luau took place in a brand spanking new Moscow venue called Kazakova Hall, which opened only in September just off the busy Kutuzovsky Prospekt (getting there turned out to be a bit of a ‘mare – one minus). The place was basically an abandoned factory – a second minus; still, to some I think it was a plus – especially for our foreign employees :)

Anyway, all the rest was one big fat funking plus! The shindig was called “Rock the New Year!” with real bikers, bikes, and Bigfoots supporting the entourage of the rocker party. Around 1500 guests partied the night away, including 200 guests from our regional offices.

See more: The program details and some nice shots!

For quite a while now we’ve had a bit of an annual tradition in the run-up to the New Year festivities – every December we summarize all the security goings-on of the last 12 months, and then prophesize a bit about what’s in store in the coming year. This year we did our roundup and predictions – covering all sorts of, regrettably, frightening stuff – at a press conference in Moscow last Monday. It was a pretty stylish event – with a hospital theme as you can see from the pic below. But I won’t go over all that again here. Here’s the original text used at the press conference, and here’s a link to the pdf summary.

Here, let me outline the main points in our review/prognosis.

More: Internet access from workplace and Internet passportization …

More: The Salt of the Incas’ Earth. . .