Dark Cloud

Everyone seems to be in the Clouds these days. Cloud Computing is certainly something we hear about more and more. The IT industry races full steam ahead into the great shapeless nebula that promises unfathomable rewards such as vast economy of scale and unimaginable resource effectiveness.

The Cloud is quite mysterious. Its boundaries, scope, controls and rules of engagement are yet to be determined by the industry. Many IT managers look at the gathering Cloud and scratch their heads, not really sure what to make of it. One thing is sure: it’s here to stay.

But there’s another Cloud covering the sky, and this one promises a bleak future.

I call it the Dark Cloud.

In the Cloud, you tap external forces as a resource to promote your business. In the Dark Cloud, external forces tap your resources to promote their business.

It’s the perfect mirror image of the Cloud.

The Dark Cloud is all around us, every minute of the day. It sends invisible tendrils that try to pull us from the safety of our secured world into a crazed alternative universe. A parallel, shadowy world in which the infrastructure we own is used for sinister deeds without leaving a shred of evidence.

By now you can probably guess what I’m referring to. You know what the Dark Cloud is. It’s the rapidly growing infrastructure used by cyber criminals to promote their evil cause. Millions of zombie computers are at their disposal; thousands of legitimate websites they hijack on a weekly basis lead consumers to infection points. The Dark Cloud grows fast: it’s ten times bigger than last year. A much faster growth than the Cloud itself.

Today’s criminals no longer need to use their own resources. They use the Dark Cloud instead. They can use your PC to stage denial of service attacks such as the one that crippled Twitter. They can use your social network account to spread crimeware to all your friends. If you are an employee, they can use your laptop to penetrate the enterprise without spending a dime on attacking the highly resilient corporate network. If you reply to a ‘work from home, get lots of money’ ad, they can use your bank account to launder money stolen from victims of Phishing, or use your home address to reship goods bought with stolen credit cards.

The similarity between the Cloud and the Dark Cloud is striking. As a fraudster you don’t really care about where your stolen credentials and infection points are hosted; you just want to make sure your data and applications are always available and managing them does not cost much. Rings a bell?

The main benefit of the Dark Cloud is scale. A single cyber criminal can only do so much damage. But with the full malevolent power of the Dark Cloud, cyber criminals can effectively scale up – just like organizations using the Cloud.

And like its benevolent counterpart, the Dark Cloud is truly global. It’s a Trojan mothership in Russia. It’s a ‘drop zone’ for stolen credentials hosted in a hospital network in the US. It’s a fraud forum hosted in Pakistan.

Astrophysicists estimate that as much as 74% of the content in the universe is dark energy – a mysterious entity that does not have mass and does not interact with matter.

It’s much more difficult to estimate the exact size of the Dark Cloud, but there’s a ray of hope. Industry researchers are capable of exposing various bits of the Dark Cloud, shedding light on its black operation. This activity reveals much about the dynamics of the Dark Cloud, and helps the industry design better security, expand its ‘bag of tricks’ for fighting cyber crime, and scale up its countermeasures.

The more we know about the Dark Cloud, the better. So feel free to share your thoughts about the Dark Cloud.

Comments: (2)

Anthony Cossey - Fixnetix ltd - London, 24 August, 2009, 16:26

The amount of friends and family PCs that I have had to rescue from rootkits or BOTs is reaching new heights.

I fix the issue, normally via a format, re-install and data restore, then attempt to prevent re-infection via the install of an anti-virus/spyware/firewall, RUBOTTED warning system and Secunia software exploit information tools; however, the BOTs get around all the protection I put on XP and Vista and I end up with a secondary case to deal with.

I myself run Linux at home and have no such problems; however, I also run a virtualised XP install which also has no issues, maybe because it only browses well-known websites and nothing of a suspect nature when using XP. I have converted 1 contact to Linux and she is delighted with a Linux desktop, mainly as she uses the PC for email, browsing and home office tasks.

Perhaps the 'dark cloud' spread could be halted by three things: 1) more careful browsing via user education, 2) adoption of an alternative operating system, 3) a universal and open system of logging a PC's state when infected by a BOT/rootkit.

The adoption of another OS only stops the surge for a while, as hackers would turn their attention to Linux, which does have exploits that could give unauthorised access; anyone updating their Linux installs daily will understand that fact.

Uri Rivner - BioCatch - Tel Aviv, 28 August, 2009, 12:16

I think you've hit the nail on the head. The Dark Cloud is not only a financial industry problem; it rapidly becomes a consumer and corporate problem. Microsoft is fully aware of the risk that businesses will move a big chunk of their PCs to alternative OS; and that private users will start asking themselves whether it's time to consider that Mac thingy their neighbor said she used because it's safer.

What are your thoughts on customer education? Any ideas on how to do that?

Uri Rivner, Chief Cyber Officer, BioCatch


This post is from a series of posts in the group: Online Banking
