Why Aren’t Cyber Criminals Being Brought to Justice?

Uploaded on 2016-02-23 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-Law

Cyber criminals are making off with $400 to $500 billion in profits every year, leaving you to wonder why exactly attackers are getting away without being brought to justice.

Businesses of all size have their hands full with the 80 to 90 million cyber attacks that are launched every year. However, with 70% of these attacks going undetected, it shouldn’t come as a surprise that most cyber crime goes unpunished.

The simple answer is that cyber criminals are innovating at a far quicker pace than security professionals can keep up with, according to the Cisco 2015 Mid-Year Report.

Cyber criminals have plenty of tricks up their sleeves for evading cyber defenses, and the only way to cut down on these injustices is for businesses and governmental agencies to implement more proactive cyber security measures.

How exactly are the Attackers Slipping Through Legal Control?

Cyber criminals are ruthless—they’re persistent, sophisticated and entirely capable of outsmarting your network of cyber security applications. There are a number of evasion tools and strategies in the arsenals of skilled attackers that you’ll need to understand if you want to detect and catch these criminals.

Be on the lookout for 3 ways attackers can avoid being caught by you and the legal system:

Proxy Chaining

Cyber criminals are just like you and me: their activity is identified by an IP header. But if that’s the case, why can’t we catch them?

One way that attackers mask their IP address is by using proxy chains. Rather than directly attacking a network, cyber criminals compromise a system of proxy machines, routing their traffic through these computers to create a lengthy list of IP addresses in use.

They can take advantage of limited legal jurisdiction by routing traffic through countries such as Russia and Sweden to make it almost impossible to subpoena the necessary evidence for a court case.

Organisations like the FBI simply don’t have the resources or jurisdiction to track down every IP address for each cyber attack.

Anonymous Web Networks
Another way that cyber criminals can mask their identity is by routing traffic through anonymous web networks like Tor.

Tor can be used to launch the command and control communications necessary to remotely navigate an enterprise network. While the presence of Tor traffic is an obvious red flag for security professionals to check for malicious activity, tracking down the attacker is almost impossible. You can stop the attack, but bringing a Tor user to justice is a tall task.

Malware with Anti-Analysis Functionality
Attackers don’t always have to use command-and-control servers to launch attacks—sometimes delivering sophisticated malware is enough. New malware like Rombertik are coded with a number of anti-analysis functions.

  • When placed in a sandbox, Rombertik writes random bytes of data 960 million times to overwhelm security systems. Rather than “sleeping” like most malware does to avoid detection, Rombertik appears unsuspicious because it remains active.
  • The malware has a self-destruct feature that destroys files and master boot records when detection is imminent.    

Rombertik is a sign of things to come in the cyber security community, as attackers find innovative ways to avoid detection and punishment.
Unfortunately, these are only a few tactics that attackers employ as they launch evasive attacks - and they’ll only grow more sophisticated. It’s time for businesses and governmental agencies to get more proactive and start bringing criminals to justice.

Malware as a service is the product of an increasingly industrialized cyber crime market—and according to FBI Agent Michael Driscolll, it’s controlled by just 100 to 200 major cyber criminals.

Theoretically, if these kingpins are dethroned, cyber security would see a major boost in success.  To that end, governmental agencies around the world have formed the Joint Cybercrime Action Taskforce (J-CAT) to cooperate and bring cyber criminals to justice.

They’ve already seen some success, but what can you do to avoid becoming a victim and watching attackers escape unscathed?

Deceptions Everywhere™ technology has emerged as the proactive solution that individual companies can deploy to catch attackers in the act. You may not be able to bring them to justice yourself—by placing a blanket of illusions over your network, you can deceive attackers and be alerted to their every move with real-time forensics and high fidelity alerts.
Knowing exactly how attackers are moving throughout your network enables you to end the threat, learn more about the attack and provide law enforcement with the information necessary to help prosecute these dangerous cyber criminals.
Don’t you think it’s about time these attackers pay the price for their offenses?  Will you be sharing information will law enforcement?
 
Illusive Networks: http://bit.ly/1RWnmCM

« Data Security – The Trends We Do Not See Coming
FBI's War On Encryption Is Unnecessary »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Information Security Forum (ISF)

Information Security Forum (ISF)

The ISF is a leading authority on information security and risk management.

DataLocker

DataLocker

DataLocker offers both hardware based external storage and software based cloud storage encryption solutions.

Israel National Cyber Directorate (INCD)

Israel National Cyber Directorate (INCD)

The Israel National Cyber Directorate is the national security and technological agency responsible for defending Israel’s national cyberspace and for establishing and advancing Israel’s cyber power.

Hexatrust

Hexatrust

The HEXATRUST club was founded by a group of French SMEs that are complementary players with expertise in information security systems, cybersecurity, cloud confidence and digital trust.

CybExer Technologies

CybExer Technologies

CybExer provide an on-premise, easily deployable solution for complex technical cyber security exercises based on experience in military grade ranges.

Innovent Recycling

Innovent Recycling

Innovent Recycling provides a secure IT recycling & data destruction service to all types of organizations across the UK.

Crypto Valley Association

Crypto Valley Association

Crypto Valley Association is an independent, government-supported association established to build the world’s leading blockchain and cryptographic technologies ecosystem.

Griffiss Institute (GI)

Griffiss Institute (GI)

GI's primary role is to advocate and facilitate the co-operation of private industry, academia, and the Air Force Research Laboratory in developing solutions to critical cyber security problems.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

Agile Defense

Agile Defense

Agile Defense is an Information Technology services provider, delivering leading-edge Digital Transformation solutions to the Federal Government.

ZEUSS

ZEUSS

ZEUSS is a diversified data center, cybersecurity, and green energy company.

C/side (cside)

C/side (cside)

At c/side, we're creating the ultimate delivery, performance and detection mechanism for browser-side fetched 3rd party Javascript.

Hilltop Technologies

Hilltop Technologies

Hilltop Technologies is a cybersecurity company specialized in managed security services and consulting tailored for all sectors from higher education to publicly traded companies.

Cloud Native Computing Foundation (CNCF)

Cloud Native Computing Foundation (CNCF)

CNCF seeks to drive adoption of cloud native technologies by fostering and sustaining an ecosystem of open source, vendor-neutral projects.