G Data Malware Report Half-Year Report January-June 2010

Total Page:16

File Type:pdf, Size:1020Kb

G Data Malware Report Half-Year Report January-June 2010 G Data Malware Report Half-year report January-June 2010 Ralf Benzmüller & Sabrina Berkenkopf G Data Security Labs MalwareReport_1_2010 Go safe. Go safer. G Data. G Data Malware Report January-June 2010 Content At a Glance ..................................................................................................................................................3 Malware: Facts and Figures .....................................................................................................................4 Malware cornucopia ......................................................................................................................................................4 Malware Categories........................................................................................................................................................5 Malware Families .............................................................................................................................................................6 Platforms: .Net increasing ...........................................................................................................................................8 Conclusion and Trends 2010 ...................................................................................................................9 Outlook................................................................................................................................................................................9 Events and Trends in the first Half of 2010 ........................................................................................10 January 2010 ...................................................................................................................................................................10 February 2010 ................................................................................................................................................................11 March 2010.......................................................................................................................................................................12 April 2010 ..........................................................................................................................................................................15 May 2010 ...........................................................................................................................................................................16 June 2010 ..........................................................................................................................................................................17 Copyright © 2010 G Data Software AG 2 G Data Malware Report January-June 2010 At a Glance • In the first half of 2010, there were 1,017,208 new malware programs, once again a new record. • In comparison with the previous half-year, the number increased by 10%, and was a full 50% more than the same period last year. • In 2010 as a whole, we expect more than 2 million new computer malware programs to be picked up. • With a 51% increase, spyware is the malware category showing the biggest increase in volume. This is especially true for keyloggers and banking Trojans. • The volume of new adware has fallen by 40%. • The two most productive malware families, Genome and Hupigon, resulted in more variants than the entire total of malicious programs in 2007. • Malicious programs aimed at Windows are the most predominant, representing 99.4% of all occurrences. The proportion of .NET malware, however, climbed by a factor of 3.4 and now represents 0.9%. Even malware authors are taking advantage of the benefits of .NET. • Malicious code written for Unix derivatives and Java also increased considerably. Trends • Data theft is and remains a core function of malware. • Adware is being superseded by virus protection imitations (fake AV) and blackmailers. • More and more online services and functions are being misused for malicious purposes. Events • Social networks make it into the events lists with plenty of innovations but also a few data leaks. Far in the lead are Twitter and the market leader, Facebook. • The Mariposa botnet has been put out of action. Spanish police have arrested the three opera- tors. • The Waledac Botnet, one of the ten largest in USA, has also been hit hard by investigators and 277 .com domains have been removed from the net. • The German Emissions Trading Authority is the victim of a phishing attack in which the crimi- nals steal and trade permits worth around three million euros. • PDF files increasingly become the focus of malware authors and consequently reports of weak points in PDF readers abound. Copyright © 2010 G Data Software AG 3 G Data Malware Report January-June 2010 Malware: Facts and Figures Malware cornucopia 2005 2006 2007 2008 2009 2010 H 1 Diagram 1: Number of new malware programs per year since 2005 and in first half of 2010 The 1,017,208 new malicious computer programs1 detected in the first half of 2010 represented a new record, exceeding the previous half year by around 10%. In comparison with the same period last year, the number was up by more than 50%. In the first half of 2010 alone, more new malicious programs have surfaced than in the whole of 2008. By the end of the year, the number of new malicious programs is likely to break through the two million level. Jan Feb March April May June July Aug Sep Oct Nov Dec Diagram 2: Number of new malware programs per month for 2009 and 2010 1 The figures in this report are based on the identification of malware using virus signatures. They are based on similarities in the code in the harmful files. Many malicious codes are similar and are gathered together in categories, in which small deviations are referred as variants. Fundamentally different files form the foundation for their own families. The count is based on new signature variants created in the first half of 2010. Copyright © 2010 G Data Software AG 4 G Data Malware Report January-June 2010 Malware categories The proportion of spyware has grown by about 3.4% in comparison with the second half of 2009 - a bigger increase in share than for any other category. Consequently, the considerable downturn recorded in the last G Data malware report has come to an end, even though the share achieved in the same period last year was not reached. In absolute figures this corresponds to an increase of 51%. Particularly high growth rates were recorded in the keylogger2 and banking trojan3 spyware categories. In contrast, the increasing use of rootkits has continued unabated. Their number again grew over the last half by a factor of 2.6. On the other hand, worms - the meteoric risers of the last G Data malware report - could not sustain that rate of increase, but did however maintain the same level. The share of Trojan horses exceeded the high level of the previous half year. In this group, the level of ransomware (blackmailers and some fake AVs) increased by a factor of 10 in comparison with the same period last year! The share of new backdoors has fallen by around 2.9% and in so doing is continuing the down- wards trend from the first half of 2009. Also the number oftools decreased by a factor of about a third, their share falling to 1.0%. The most marked fall was in the quantity of adware. In contrast with the previous year (H1 2009 to H1 2010), numbers have fallen by around 40%, with the share falling from 5.3% to 2.1%. Diff. Diff. 2010 H1 2010 H1 Category # 2010 H1 Share # 2009 H2 Share 2009 H2 # 2009 H1 Share 2009 H1 Trojan horses 433,367 42.6 % 393,421 42.6 % +10 % 221,610 33.6 % +96 % Downloaders/ droppers 206,298 20.3 % 187,958 20.3 % +10 % 147,942 22.1 % +39 % Spyware 130,175 12.8 % 86,410 9.4 % +51 % 97,011 14.6 % +34 % Backdoors 122,469 12.0 % 137,484 14.9 % -11 % 104,224 15.7 % +18 % Worms 53,609 5.3 % 51,965 5.6 % +3 % 26,542 4.0 % +102 % Rootkits 31,160 3.1 % 11,720 1.3 % +166 % 12,229 1.9 % +155 % Adware 21,035 2.1 % 30,572 3.3 % -31 % 34,813 5.3 % -40 % Tools 9,849 1.0 % 14,516 1.6 % -32 % 11,413 1.6 % -14 % Exploits 2,495 0.2 % 3,412 0.4 % -27 % 2,279 0.3 % +9 % Miscellaneous 6,751 0.7 % 5,543 0.5 % +22 % 4,593 0.7 % +47 % Total 1,017,208 100.0 % 924,053 100.0 % +10 % 663,952 100.0 % +53 % Table 1: Number and share of new malware categories in 2009 and 2010 and their change 2 2.5 times compared to the second half of 2009 3 2.2 times compared to the first half of 2009 Copyright © 2010 G Data Software AG 5 G Data Malware Report January-June 2010 Malware families Malicious programs can be grouped into families according to their functions and properties. For some of these families, new variants are constantly being produced. While the share of new mali- cious programs grew constantly in the past, the number of different families reduced. This trend came to an end in the last half year. In the first half of 2010 there were 2,262 active malware fami- lies. This is approximately 3% higher than the value for the last half year and approximately one seventh greater than the first half of 2009. # 2010 H1 Virus family # 2009 H2 Virus family # 2009 H1 Virus family 1 116,469 Genome 67,249 Genome 34,829 Monder 2 32,830 Hupigon 38,854 PcClient 26,879 Hupigon 3 30,055 Buzus 37,026 Hupigon 18,576 Genome 4 25,071 Refroso 35,115 Scar 16,719 Buzus 5 24,961 Scar 24,164 Buzus 16,675 OnlineGames 6 21,675 Lipler 20,581 Lipler 13,889 Fraudload 7 19,385 OnlineGames 19,848 Magania 13,104 Bifrose 8 17,542 Palevo
Recommended publications
  • Cyber Security Practices and Challenges at Selected Critical Infrastructures in Ethiopia: Towards Tailoring Cyber Security Framework
    ADDIS ABABA UNIVERSITY COLLEGE OF NATURAL AND COMPUTATIONAL SCIENCES SCHOOL OF INFORMATION SCIENCE CYBER SECURITY PRACTICES AND CHALLENGES AT SELECTED CRITICAL INFRASTRUCTURES IN ETHIOPIA: TOWARDS TAILORING CYBER SECURITY FRAMEWORK By TEWODROS GETANEH JUNE, 2018 ADDIS ABABA, ETHIOPIA ADDIS ABABA UNIVERSITY COLLEGE OF NATURAL AND COMPUTATIONAL SCIENCES SCHOOL OF INFORMATION SCIENCE CYBER SECURITY PRACTICES AND CHALLENGES AT SELECTED CRITICAL INFRASTRUCTURES IN ETHIOPIA: TOWARDS TAILORING CYBER SECURITY FRAMEWORK A Thesis Submitted to School of Graduate Studies of Addis Ababa University in Partial Fulfillment of the Requirements for the Degree of Master of Science in Information Science By: TEWODROS GETANEH Advisor: Tebebe Beshah (PhD) JUNE, 2018 Addis Ababa, Ethiopia ADDIS ABABA UNIVERSITY COLLEGE OF NATURAL AND COMPUTATIONAL SCIENCE SCHOOL OF INFORMATION SCIENCE CYBER SECURITY PRACTICES AND CHALLENGES AT SELECTED CRITICAL INFRASTRUCTURES IN ETHIOPIA: TOWARDS TAILORING CYBER SECURITY FRAMEWORK By: Tewodros Getaneh Name and signature of Members of the Examining Board Tebebe Beshah (PhD) __________ _________ Advisor Signature Date Lemma Lenssa (PhD) ___________ __________ Examiner Signature Date Dereje Teferi (PhD) __________ _________ Examiner Signature Date Declaration This thesis has not previously been accepted for any degree and is not being concurrently submitted in candidature for any degree in any university. I declare that the thesis is a result of my own investigation, except where otherwise stated. I have undertaken the study independently with the guidance and support of my research advisor. Other sources are acknowledged by citations giving explicit references. A list of references is appended. Signature: ________________________ Tewodros Getaneh This thesis has been submitted for examination with my approval as university advisor. Advisor’s Signature: ________________________ Tebebe Beshah (PhD) i | P a g e Dedication This work is dedicated to my beloved sister Eleni Getaneh.
    [Show full text]
  • Large-Scale Malware Experiments
    LARGE-SCALE MALWARE EXPERIMENTS ... CALVET ET AL. LARGE-SCALE MALWARE • Unlike with in-the-wild experiments [1], there are fewer ethical or legal issues to deal with than when performing EXPERIMENTS: WHY, HOW, AND arbitrary attacks against infected computers. SO WHAT? • Having an in vitro environment provides us with a way to Joan Calvet, Jose M. Fernandez conduct computer security research in a scientifi c way: we École Polytechnique de Montréal, Montréal, Canada can reproduce experiments and test the effect of various independent variables. Email {joan.calvet, jose.fernandez}@polymtl.ca We decided to use the Waledac botnet as a fi rst experiment for the following reasons: Pierre-Marc Bureau ESET, Montréal, Canada • Thanks to prior reverse engineering [2], we had in-depth knowledge of this threat family. Email [email protected] • This malware does not replicate, thus limiting the risk of running an experiment that might get out of control. Jean-Yves Marion LORIA, Nancy, France • There exists a set of vulnerabilities in Waledac’s peer-to- peer protocol that were worth investigating. We wanted to Email [email protected] evaluate the impact of a mitigation scheme against the botnet. ABSTRACT 1.1 The Waledac case study One of the most popular research areas in the anti-malware The architecture of the Waledac botnet is split into four layers. industry (second only to detection) is to document malware The fi rst layer contains infected hosts with private IP addresses characteristics and understand their operations. Most initiatives that are referred to as spammers. They are essentially the are based on reverse engineering of malicious binaries so as to ‘worker’ bots and constitute approximately 80% of the botnet.
    [Show full text]
  • Classification of Malware Persistence Mechanisms Using Low-Artifact Disk
    CLASSIFICATION OF MALWARE PERSISTENCE MECHANISMS USING LOW-ARTIFACT DISK INSTRUMENTATION A Dissertation Presented by Jennifer Mankin to The Department of Electrical and Computer Engineering in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Electrical and Computer Engineering in the field of Computer Engineering Northeastern University Boston, Massachusetts September 2013 Abstract The proliferation of malware in recent years has motivated the need for tools to an- alyze, classify, and understand intrusions. Current research in analyzing malware focuses either on labeling malware by its maliciousness (e.g., malicious or benign) or classifying it by the variant it belongs to. We argue that, in addition to provid- ing coarse family labels, it is useful to label malware by the capabilities they em- ploy. Capabilities can include keystroke logging, downloading a file from the internet, modifying the Master Boot Record, and trojanizing a system binary. Unfortunately, labeling malware by capability requires a descriptive, high-integrity trace of malware behavior, which is challenging given the complex stealth techniques that malware employ in order to evade analysis and detection. In this thesis, we present Dione, a flexible rule-based disk I/O monitoring and analysis infrastructure. Dione interposes between a system-under-analysis and its hard disk, intercepting disk accesses and re- constructing high-level file system and registry changes as they occur. We evaluate the accuracy and performance of Dione, and show that it can achieve 100% accuracy in reconstructing file system operations, with a performance penalty less than 2% in many cases. ii Given the trustworthy behavioral traces obtained by Dione, we convert file system- level events to high-level capabilities.
    [Show full text]
  • An Introduction to Malware
    Downloaded from orbit.dtu.dk on: Sep 24, 2021 An Introduction to Malware Sharp, Robin Publication date: 2017 Document Version Publisher's PDF, also known as Version of record Link back to DTU Orbit Citation (APA): Sharp, R. (2017). An Introduction to Malware. General rights Copyright and moral rights for the publications made accessible in the public portal are retained by the authors and/or other copyright owners and it is a condition of accessing publications that users recognise and abide by the legal requirements associated with these rights. Users may download and print one copy of any publication from the public portal for the purpose of private study or research. You may not further distribute the material or use it for any profit-making activity or commercial gain You may freely distribute the URL identifying the publication in the public portal If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim. An Introduction to Malware Robin Sharp DTU Compute Spring 2017 Abstract These notes, written for use in DTU course 02233 on Network Security, give a short introduction to the topic of malware. The most important types of malware are described, together with their basic principles of operation and dissemination, and defenses against malware are discussed. Contents 1 Some Definitions............................2 2 Classification of Malware........................2 3 Vira..................................3 4 Worms................................
    [Show full text]
  • A PRACTICAL METHOD of IDENTIFYING CYBERATTACKS February 2018 INDEX
    In Collaboration With A PRACTICAL METHOD OF IDENTIFYING CYBERATTACKS February 2018 INDEX TOPICS EXECUTIVE SUMMARY 4 OVERVIEW 5 THE RESPONSES TO A GROWING THREAT 7 DIFFERENT TYPES OF PERPETRATORS 10 THE SCOURGE OF CYBERCRIME 11 THE EVOLUTION OF CYBERWARFARE 12 CYBERACTIVISM: ACTIVE AS EVER 13 THE ATTRIBUTION PROBLEM 14 TRACKING THE ORIGINS OF CYBERATTACKS 17 CONCLUSION 20 APPENDIX: TIMELINE OF CYBERSECURITY 21 INCIDENTS 2 A Practical Method of Identifying Cyberattacks EXECUTIVE OVERVIEW SUMMARY The frequency and scope of cyberattacks Cyberattacks carried out by a range of entities are continue to grow, and yet despite the seriousness a growing threat to the security of governments of the problem, it remains extremely difficult to and their citizens. There are three main sources differentiate between the various sources of an of attacks; activists, criminals and governments, attack. This paper aims to shed light on the main and - based on the evidence - it is sometimes types of cyberattacks and provides examples hard to differentiate them. Indeed, they may of each. In particular, a high level framework sometimes work together when their interests for investigation is presented, aimed at helping are aligned. The increasing frequency and severity analysts in gaining a better understanding of the of the attacks makes it more important than ever origins of threats, the motive of the attacker, the to understand the source. Knowing who planned technical origin of the attack, the information an attack might make it easier to capture the contained in the coding of the malware and culprits or frame an appropriate response. the attacker’s modus operandi.
    [Show full text]
  • Climate Change Adaptation in the Arab States Best Practices and Lessons Learned
    Climate Change Adaptation in the Arab States Best practices and lessons learned United Nations Development Programme 2018 | 1 UNDP partners with people at all levels of society to help build nations that can withstand crisis, and drive and sustain the kind of growth that improves the quality of life for everyone. On the ground in nearly 170 countries and territories, we offer global perspective and local insight to help empower lives and build resilient nations. www.undp.org The Global Environment Facility (GEF) was established on the eve of the 1992 Rio Earth Summit to help tackle our planet’s most pressing environmental problems. Since then, the GEF has provided over $17 billion in grants and mobilized an additional $88 billion in financing for more than 4000 projects in 170 countries. Today, the GEF is an international partnership of 183 countries, international institutions, civil society organizations and the private sector that addresses global environmental issues. www.thegef.org United Nations Development Programme July 2018 Copyright © UNDP 2018 Manufactured in Bangkok Bangkok Regional Hub (BRH) United Nations Development Programme 3rd Floor United Nations Service Building Rajdamnern Nok Avenue, Bangkok, 10200, Thailand www.adaptation-undp.org Authors: The report preparation was led by Tom Twining-Ward in close collaboration with Kishan Khoday, with Cara Tobin as lead author and Fadhel Baccar, Janine Twyman Mills, Walid Ali and Zubair Murshed as contributing authors. The publication was professionally reviewed by fellow UNDP colleagues, Amal Aldababseh, Greg Benchwick, Hanan Mutwaki, Mohamed Bayoumi, and Walid Ali. Valuable external expert review, comments, and suggestions were provided by Hussein El-Atfy (Arab Water Council), Ibrahim Abdel Gelil (Arabian Gulf University), and William Dougherty (Climate Change Research Group).
    [Show full text]
  • BEGIN README.TXT-- PC Media Antivirus (PCMAV)
    --BEGIN README.TXT-- PC Media Antivirus (PCMAV) 9.9.1 Copyright (c) 2006-2014 Majalah PC Media Pinpoint Publications Group ************************************************************************ MEMANFAATKAN/MENGGUNAKAN PCMAV BERARTI ANDA MENGERTI DAN SETUJU DENGAN SELURUH KETENTUAN YANG ADA DI BAGIAN "KETENTUAN PENGGUNAAN (END-USER LICENSE)" YANG TERDAPAT PADA FILE README.TXT INI. PCMAV INI DIBUAT KHUSUS DAN DIPERSEMBAHKAN BAGI "PEMBACA SETIA" PC MEDIA DAN YANG KAMI CINTAI. MAKA DARI ITU, JIKA ANDA ADALAH PENGGUNA PEMULA DAN ATAU MERASA KESULITAN MEMAHAMI ISI README.TXT INI, BAIK SEBAGIAN MAUPUN SECARA KESELURUHAN, MAKA KAMI SANGAT MENYARANKAN ANDA UNTUK BERKONSULTASI TERLEBIH DULU DENGAN REKAN ANDA YANG LEBIH BERPENGALAMAN DALAM BERKOMPUTER. ATAU DEMI KENYAMANAN ANDA, MAKA KAMI SARANKAN UNTUK TIDAK MENGGUNAKAN PCMAV SAMA SEKALI. ************************************************************************ ------------------------------ ANTIVIRUS KEBANGGAAN INDONESIA ------------------------------ Tidak ada antivirus lain yang mampu mengatasi secara tuntas virus komputer, baik lokal maupun asing, yang banyak menyebar di Indonesia sebaik dan seaman PCMAV. Umumnya antivirus yang ada hanya mampu mengenali dan menghapus file yang dideteksi bervirus. PCMAV menyempurnakannya dengan tingkat akurasi pendeteksian yang lebih tinggi, sehingga lebih handal dalam mengembalikan file, dokumen dan sistem yang menjadi sasaran serangan virus hingga pulih 100%. Dengan PCMAV, Anda akan mendapatkan antivirus yang bukan hanya sekadar mendeteksi namun daya basminya
    [Show full text]
  • The Exceptionalist's Approach to Private Sector Cybersecurity
    The Exceptionalist’s Approach to Private Sector Cybersecurity: A Marque and Reprisal Model By Michael Todd Hopkins B.A., June 2000, University of Nevada, Reno J.D., May 2003, Southern Methodist University A Thesis submitted to The Faculty of The George Washington University Law School in partial satisfaction of the requirements for the degree of Master of Laws August 15, 2011 Thesis directed by Gregory E. Maggs Interim Dean; Professor of Law Acknowledgement I wish to thank Interim Dean Gregory E. Maggs for his feedback and comments in this endeavor. Any errors or omissions are solely that of the author. ii Disclaimer Major Michael T. Hopkins serves in the U.S. Air Force Judge Advocate General’s Corps. This paper was submitted in partial satisfaction of the requirements for the degree of Master of Laws in National Security and U.S. Foreign Relations at The George Washington University Law School. The views expressed in this paper are solely those of the author and do not reflect the official policy or position of the United States Air Force, Department of Defense or United States Government. iii Abstract The Exceptionalist’s Approach to Private Sector Cybersecurity: A Marque and Reprisal Model As practitioners and academics debate our nation’s cybersecurity policy the focus remains upon our national security interests as the federal government lacks the resources and people to protect all areas of society. However, this approach largely ignores the private sector despite an estimated global loss of one trillion dollars annually to cyberattacks and exploitations. Moreover, current domestic and international law do little to provide self-defense options for the private sector.
    [Show full text]
  • Effective Malicious Features Extraction and Classification for Incident Handling Systems
    EFFECTIVE MALICIOUS FEATURES EXTRACTION AND CLASSIFICATION FOR INCIDENT HANDLING SYSTEMS CHO CHO SAN UNIVERSITY OF COMPUTER STUDIES, YANGON OCTOBER, 2019 Effective Malicious Features Extraction and Classification for Incident Handling Systems Cho Cho San University of Computer Studies, Yangon A thesis submitted to the University of Computer Studies, Yangon in partial fulfillment of the requirements for the degree of Doctor of Philosophy October, 2019 Statement of Originality I hereby certify that the work embodied in this thesis is the result of original research and has not been submitted for a higher degree to any other University or Institution. …..…………………………… .…………........………………………… Date Cho Cho San ACKNOWLEDGEMENTS First of all, I would like to thank Hist Excellency, the Minister for the Ministry of Education, for providing full facilities support during the Ph.D. course at the University of Computer Studies, Yangon. Secondly, my profound gratitude goes to Dr. Mie Mie Thet Thwin, Rector of the University of Computer Studies, Yangon, for allowing me to develop this research and giving me general guidance during the period of my study. I would like to express my greatest pleasure and the deepest appreciation to my supervisor, Dr. Mie Mie Su Thwin, Professor, the University of Computer Studies, Yangon, for her excellent guidance, caring, patient supervision, and providing me with excellent ideas throughout the study of this thesis. I would also like to extend my special appreciation to Dr. Khine Moe Nwe, Professor and Course-coordinator of the Ph.D. 9th Batch, the University of Computer Studies, Yangon, for her useful comments, advice, and insight which are invaluable through the process of researching and writing this dissertation.
    [Show full text]
  • Significant Cyber Incidents Since 2006 This List Is a Work in Progress That We Update As New Incidents Come to Light. If You H
    Significant Cyber Incidents Since 2006 This list is a work in progress that we update as new incidents come to light. If you have suggestions for additions, send them to [email protected]. Significance is in the eye of the beholder, but we focus on successful attacks on government agencies, defense and high tech companies, or economic crimes with losses of more than a million dollars. 1. May 2006. The Department of State’s networks were hacked, and unknown foreign intruders downloaded terabytes of information. If Chinese or Russian spies backed a truck up to the State Department, smashed the glass doors, tied up the guards and spend the night carting off file cabinets it would be an act of war, but when it happens in cyberspace we barely notice. 2. August 2006. A senior Air Force Officer stated publicly that, “China has downloaded 10 to 20 terabytes of data from the NIPRNet (the unclassified military network).” 3. November 2006. Hackers attempted to penetrate U.S. military War College networks, resulting in a two week shutdown at one institution while infected machines are restored. 4. December 2006. NASA was forced to block emails with attachments before shuttle launches out of fear they would be hacked. Business Week reported that the plans for the latest U.S. space launch vehicles were obtained by unknown foreign intruders. 5. 2006. Chinese hackers were thought to be responsible for shutting down the House of Commons computer system. 6. April 2007. The Department of Commerce had to take the Bureau of Industrial Security’s networks offline for several months because its networks were hacked by unknown foreign intruders.
    [Show full text]
  • Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men
    Zerohack Zer0Pwn YourAnonNews Yevgeniy Anikin Yes Men YamaTough Xtreme x-Leader xenu xen0nymous www.oem.com.mx www.nytimes.com/pages/world/asia/index.html www.informador.com.mx www.futuregov.asia www.cronica.com.mx www.asiapacificsecuritymagazine.com Worm Wolfy Withdrawal* WillyFoReal Wikileaks IRC 88.80.16.13/9999 IRC Channel WikiLeaks WiiSpellWhy whitekidney Wells Fargo weed WallRoad w0rmware Vulnerability Vladislav Khorokhorin Visa Inc. Virus Virgin Islands "Viewpointe Archive Services, LLC" Versability Verizon Venezuela Vegas Vatican City USB US Trust US Bankcorp Uruguay Uran0n unusedcrayon United Kingdom UnicormCr3w unfittoprint unelected.org UndisclosedAnon Ukraine UGNazi ua_musti_1905 U.S. Bankcorp TYLER Turkey trosec113 Trojan Horse Trojan Trivette TriCk Tribalzer0 Transnistria transaction Traitor traffic court Tradecraft Trade Secrets "Total System Services, Inc." Topiary Top Secret Tom Stracener TibitXimer Thumb Drive Thomson Reuters TheWikiBoat thepeoplescause the_infecti0n The Unknowns The UnderTaker The Syrian electronic army The Jokerhack Thailand ThaCosmo th3j35t3r testeux1 TEST Telecomix TehWongZ Teddy Bigglesworth TeaMp0isoN TeamHav0k Team Ghost Shell Team Digi7al tdl4 taxes TARP tango down Tampa Tammy Shapiro Taiwan Tabu T0x1c t0wN T.A.R.P. Syrian Electronic Army syndiv Symantec Corporation Switzerland Swingers Club SWIFT Sweden Swan SwaggSec Swagg Security "SunGard Data Systems, Inc." Stuxnet Stringer Streamroller Stole* Sterlok SteelAnne st0rm SQLi Spyware Spying Spydevilz Spy Camera Sposed Spook Spoofing Splendide
    [Show full text]
  • E-Commerce Security and Fraud Issues and Protections 10
    E-Commerce Security and Fraud Issues and Protections 10 C o n t e n t s Learning Objectives Opening Case: How State University of New York College at Old Westbury Upon completion of this chapter, you will be Controls Its Internet Use ...................................... 458 able to: 10.1 The Information Security Problem .......... 459 1. Understand the importance and scope of security of information systems for EC. 10.2 Basic E-Commerce Security Issues and Landscape ........................................... 465 2. Describe the major concepts and terminol- ogy of EC security. 10.3 Technical Malware Attack Methods: From Viruses to Denial of Service ............ 471 3. Understand about the major EC security threats, vulnerabilities, and technical attacks. 10.4 Nontechnical Methods: From Phishing to Spam and Fraud .................... 476 4. Understand Internet fraud, phishing, and spam. 10.5 The Information Assurance Model 5. Describe the information assurance security and Defense Strategy ................................. 484 principles. 10.6 The Defense I: Access Control, 6. Identify and assess major technologies Encryption, and PKI ................................. 488 and methods for securing EC access and 10.7 The Defense II: Securing communications. E-Commerce Networks ............................. 494 7. Describe the major technologies for protec- 10.8 The Defense III: General Controls, tion of EC networks. Spam, Pop Ups, Fraud, and Social 8. Describe various types of controls and special Engineering Controls................................. 497 defense mechanisms. 10.9 Implementing Enterprisewide 9. Describe consumer and seller protection from E-Commerce Security ............................... 500 fraud. Managerial Issues.................................................. 504 10. Discuss enterprisewide implementation issues Closing Case: How One Bank Stopped Scams, for EC security. Spams, and Cybercriminals ................................. 509 11. Understand why it is so diffi cult to stop computer crimes.
    [Show full text]