19 April 2018
Uri Rivner

The Joy of Fraud Fighting

Uri Rivner - BioCatch

78Posts 371,408Views 36Comments
Online Banking

Online Banking

This community is for discussion of developments in the e-banking world, including mobile banking. This can include all the functional, business, technical, marketing, web site design, security and other related topics of Internet Banking segment, including public websites of the banks and financial institutions across the globe.

Those were the days

14 February 2010  |  5961 views  |  0

Two weeks ago I was cycling in the gym, watching cable TV. Roger Federer was beating Andy Murray live from Melbourne; after losing a point he looked at his tennis racket in puzzlement, as if trying to understand what just happened, and then he resumed winning game after game without even the basic courtesy of showing signs of sweat. Murray gave him a decent British fight, but the outcome was set after set of Swiss precision.

So at some point I started flipping through the other channels, and saw a low-budget film starting. The actor names flashing in and out were mostly unknown, but then the opening scene was about computer viruses and this caught my attention.

A few minutes into the movie I realized this is a 2000 direct-to-video film called Takedown about hacker Kevin Mitnik. The movie is based on a highly controversial novel, but I don’t want to get into that. I’ll just say that watching it brought a wave of romantic nostalgia.

Why romantic nostalgia? Two things. First, Kevin Mitnik was known for shrewdly combining social engineering skills with hacking know-how, and the film does a good work presenting the social engineering elements: calling company employees to get access to non public data; contacting a code developer and tricking him to send over some design documents. Most of the social engineering used for today’s online fraud is very different: it’s almost an exact science, a methodology to maximize response rates to mass phishing, rogue Anti Virus, and crimeware infection links. It’s clever, but in a different way.

Second, because the film takes place in the nineties. The Internet was still in diapers, cellular phones were a novelty, and hackers were still doing it mostly for bragging rights, not for profit. They were engaged in Cybercrime, but not the sort of Cybercrime we have nowadays: Mitnik and his supporters always maintained he never misused any data he stole. Very much like good old War Games.

Today, cybercrime is a nasty business. The vast majority of those involved do it for sheer profit. I’m not saying the weapons they use are not state-of-the-art: in comparison, the tools people like Mitnik developed fifteen years ago seem very much like the computers on board Apollo 11.

But unlike the hacking infrastructure of the nineties, today’s crimeware is primarily built for point-and-shoot functionality like cell phone cameras, so almost everyone can use them – not just the fraudster elite. Take the latest spear phishing attack which spoofed NSA emails; the Trojan used was Zeus 2.0, the most popular Trojan kit on earth – and not a highly complex, custom-built crimeware, which are almost an endangered species these days.

Well, like any nostalgic look-back, I’m probably exaggerating a bit. Today’s top cybercriminals are not less clever and determined; the tools they build are formidable, and in retrospect everything always looks nostalgic. I’ll bet that in fifteen years we’ll look back, sigh, and say: gosh, those were the days.


Comments: (0)

Comment on this story (membership required)

Latest posts from Uri

Brazil vs. Germany: A Surprising Find

12 July 2014  |  3947 views  |  1 comments | recomends Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

Sweetheart Scams: When Fraudsters Turn to Romance

30 June 2014  |  3221 views  |  0 comments | recomends Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

BitCoin Explained: How to Become a BitCoin Thief - part 1

04 December 2013  |  22639 views  |  1 comments | recomends Recommends 1 TagsMobile & onlinePaymentsGroupInformation Security

A Message from Hell

01 October 2013  |  3869 views  |  0 comments | recomends Recommends 0 TagsSecurityMobile & onlineGroupInnovation in Financial Services

Uri's profile

job title Head of Cyber Strategy
location Tel Aviv
member since 2008
Summary profile See full profile »
Internet. The perfect fraud frontier. These are the thoughts of Uri Rivner, head of Cyber Strategy at BioCatch and formerly Head of new technologies, identity protection, at RSA, the security division...

Uri's expertise

Member since 2008
78 posts36 comments
What Uri reads

Who's commenting on Uri's posts