Cyber Security
Cyber threats to consumers: From credit card to ransomware The half-day Ransomware seminar at the RSA Singapore 2017 conference dived into the latest waves of attacks in Cyber Space. Through innovative research, case studies and panels, the seminar discussed and offered insights into the technical, policy, compliance and economics of the issue and the underground economy - its motivation, actors and organisations, and impacts on the wider economy
By Jane Lo Singapore Correspondent
26 | Asia Pacific Security Magazine
Ransomware When WannaCry struck computer systems of private and public organisations across 150 countries in May, notably the NHS (National Health Service in UK), several competing attribution theories were put forward with no consensus view: How similar to previous attacks were the use of the DoublePulsar backdoor, the EternalBlue exploit, and the SMB (Server Message Block) vulnerability for propagation? Were there consistent evidence linking the threat actors and their motivations to a sophisticated financially motivated group, or a national or state-affiliated actor conducting a disruptive operation? Some pointed out that the low number of Bitcoin wallets could be attributed to either unsophisticated actor, or a state-sponsored actor conducting a trial run. The initial infection vector remained unknown. IBM X-Force scanned over one billion emails passing through its honeypots and found no evidence suggesting that spam/phishing was the first stage of attack and functioned as the delivery mechanism of the ransomware. Over time, new information will come to light and support or discredit the theories of who was behind the
WannaCry campaign. The recent arrest of the alleged NotPetya perpetrator operating from his Ukraine home illustrated how, in some cases, the plausible identities of the attackers may not even form part of the widely discussed theories.
Credit Card Fraud At the Ransomware seminar, the speakers agreed that Ransomware is a simpler and more effective means of monetizing an illegitimate activity, compared to, say, Credit Card fraud. To execute the latter scheme, there are complications, including the need to gather credit card credentials (Security Code, PIN), search for “droppers, runners, or shoppers� to convert to legal tender currency or real-economy goods and services, and third-parties to create counterfeit cards with the stolen details. These activities form the chain of a Credit Card Fraud cycle that involves the Harvesters, Distributors, Monetisers. As with Ransomware, the chain of events is triggered with an introduction of a malware through vulnerabilities exploitation and/or Phishing, Key-Logging, or even via an