“It turned out that the botnet runners had infected computers by instant-messaging malicious links to contacts on infected computers. They also got viruses onto removable thumb drives and through peer-to-peer networks. The program used to create the botnet was known as Mariposa, from the Spanish word for “butterfly.” – From Today’s USA Today….
A few notes on this
- These were business guys, not geeks, running a for-profit business. Mistakes made by senior management allowed authorities to track down the people in charge. According to the article, this is rarely the case – generally the people at the top don’t get caught.
- The goal is profit, the tool is the botnet – this botnet has been around for years, stealing millions of credit card numbers along with other sensitive data. Over 13Million computers are involved, and I assume the owners of these systems have no idea who they are. Likely, some of them are our clients.
- Instant messaging, P2P networking, and thumb drives – this is typical. Instant messaging means people were receiving links and clicking on them to infect their computers, P2P is on more computers than you might imagine – used by many to exchange free music among other things. Look for people using home computers for work purposes, or taking work computers home and allowing their kids to use them. This is a sure sign that data is at risk.
- Thumb drives – this is the oldest trick in the book…yet hackers still win with it.
Assessments are still the number one way to create immediate justification for project work and managed services. The question is, are you finding urgent issues? Make sure your team is trained the find the things that lead to justification – this is not always the focus for high end security consultants. I find companies continue to lead with policy projects, architectural issues, and highly technical rhetoric which generally lands the sales person back with (unqualified) IT people that want to fix it themselves.
One final note – this is not just about finding security project work…whatever you sell can start with risk issues. Whether you sell storage, servers, UC, applications…it doesn’t really matter. The issue sales people are facing right now is budget constraints, and this type of risk opens the door to assess risk, upgrade core systems, modify architecture, and implement managed services over every aspect of the IT architecture – if data is present, data is at risk. THIS is the topic of my March Teleseminar…