Mike's Cyber Threat Reading List
Early this year I delivered a presentation titled "Cyber Threats and the ACH". Since I'm not an online security expert, I had to do a fair amount of research to develop this presentation. Several weeks ago I wrote a blog post Polymorphism and the Case for Transaction Monitoring that was generated from the research. In that blog, I promised to share some of the sources I found. (There are lots of them)
As I did my research, I considered how access to the payments system is becoming more online centric, and came to the conclusion that fraud professionals need to know about online security and threats. In the fall of 2007, I started talking about the issue of what I called "the increasing nexus between online security and payments fraud" and this topic has become much more pronounced since then. So here is a list of documents and websites that you may find interesting and helpful.
First websites – Many of the papers I obtained came from these sites. The Anti-Virus companies proved to be particularly fertile ground; after all, it's their business. Industry groups were also very helpful.
www.antiphishing.org – This page will provide you a variety of reports and white papers generated by the Anti-Phishing Working Group and others.
www.eweek.com – This on-line magazine has some great search engines and articles that can serve as a base for additional research.
www.ic3.gov – Check out their press room, lots of good stuff; lots of links
www.krebsonsecurity.com – This may be my favorite blog. Brian Krebs used to write for the Washington Post, and had a blog there called security fix. He is on his own now; the Washington Post's loss; and is doing just fine. He runs a lot of articles about on-line security issues from a layman's perspective, which are easy reads, and easy to understand. He has a particular thing about corporate on-line account takeover, and resulting ACH and Wire fraud. It's in my favorites list for sure.
www.pandasecurity.com – This is my favorite site. They have several blogs; I like the Panda Labs and Panda Research blogs the best. This is the home users - security info page, and down the left side is a great directory of information. Tools and resources section contains reports and an excellent glossary. Panda Labs has a great resource center that gave me a basic education on a wide variety of cyber threats. If I was restricted to only one site for an education on this subject, this would be it.
www.schneier.com – Bruce Schneier is a longtime security expert with nearly a dozen books out etc. In a master's program I was in, his book "Secrets and Lies" was used as a text book.
www.secureworks.com/research – This is the SecureWorks research page. There's a newsletter, blog, white papers etc.
www.staysafeonline.org – This is the National Cyber Security Alliance page. It has a very good tools and resources page.
www.symantec.com/connect – This is the Symantec site where you will find lots of research material and reports, including a couple I list below.
www.us-cert.gov – This one you may find a bit techy. (They got over my head real quick).
www.wired.com – This is another on-line tech type site. I would recommend using search or it may take awhile to find anything. I got the two articles listed below.
These are specific papers/reports that I found useful. There are more that are available directly from the sites listed above.
The CISCO Annual Threats report for 2009. The Irretrievable Losses of Malware-Enabled ACH and Wire Fraud. – This paper spoke directly to the topic I was presenting.
McAfee's Annual Report on Security for Mobile Devices. – It wasn't exactly in the topic I was researching, but with mobile banking expanding, this is an interesting look into potential issues we may be facing in that area.
One Sinowal Trojan + One Gang = Hundreds of Thousands of Compromised Accounts, RSA 10/2008 – This is a blog post about two particular trojans in the Sinowal family of malware (there are thousands). They talk about it as if Sinowal was a particular piece of malware but it's not, it is a whole family. Panda Labs has an "encyclopedia" that demonstrates this concept very well.
The IBM X-Force 2009 Trend and Risk Report.
Inside the Jaws of Trojan.Clampi – This paper on the Clampi Trojan was my first introduction into this topic, and made me thirsty for more.
The 2009 Threat Report – This is for the full year 2009 and it was just published in April.
Bank Botnet Serves Fake Info to Thwart Researchers. This is a scary article that brought it home to me how sophisticated these cyber criminals are. They can modify the victim's on-line statement to cover their fraud. Wow!
The Decade's 10 Most Dastardly Cybercrimes. This article demonstrates the maturation of the cybercriminal world. You can see how as time progresses, the cybercriminals get more sophisticated.
There are actually lots more, but I'll get yelled at for having this long of a blog post as it is.