Web Page sponsored by Cassidian
21 Nov 13. Met bolsters force for war on soaring cyber crime. Scotland Yard is to quadruple the number of officers tackling cyber crime across London, with senior police drafting in hundreds more specialist investigators to combat what they call “the growth industry of the criminal underworld”. The new cyber unit – due to open in early 2014 – is expected to be 400-strong, the same size as Trident, the Metropolitan Police’s anti-gang command. The expansion is in response to a 60 per cent increase in cyber crime in the past year, costing the British economy an estimated £81bn. Scotland Yard’s budget for tackling cyber crime will triple to more than £15m a year. However, officers have made clear they will also be seeking funds from the private sector – banks, insurers and retailers are often targeted by online fraudsters. Commander Steve Rodhouse, head of organised crime at the Met, said the aim was to make London a “hostile territory” for cyber criminals. He said police have seen organised crime gangs “moving away from what they have historically done”, whether that was armed robbery or other violent confrontations, into more lucrative and potentially less risky online crimes. “A lot of this crime isn’t massively sophisticated,” he told the Financial Times, admitting the force had not always taken it seriously enough. “It is eminently solvable but it hasn’t had the emphasis that it deserves.”
The Met’s drive reflects growing awareness that, as criminals move their activities online, police must tighten their grip on the electronic underworld. (Source: FT.com)
21 Nov 13. For decades, computers were protected by anti-virus software loaded with the signatures of previously identified malicious code. It’s an effective technique if most of the attacks have confronted other systems before. But attackers have gotten smarter, adapting and morphing attacks regularly. And while human beings are built to grasp near equality when comparing two items, computers have a much harder time of it. Even minor changes in the code would mean that an attack wouldn’t match a prior signature. So researchers are working on a more granular approach, digging into components of attacks to find similarities, exploiting the fact that attackers rarely start completely from scratch — it’s expensive to create fresh code every time. But teaching computers to find patterns in parts of an attack isn’t easy, either.
“It’s terribly hard, because programming is a personal kind of thing,” said Alan Paller, director of research at the SANS Institute, Bethesda, Md. “You may think you’re looking at the same thing, but if it’s from two different people, it will be very different.”
The critical part of the process is figuring out how to cluster things effectively to ensure that useful connections are drawn. Georgia Tech Research Institute (GTRI) has developed a technique to do just that, implementing clustering into its Apiary system. “We’re trying to derive relationships,” said Christopher Smoak, one of the lead developers of Apiary at GTRI. It’s part of the group’s effort to ratchet up defense capabilities in the face of the growing onslaught of attacks. (Source: C4ISR & Networks)
21 Nov 13. BAE Detica reveals that Shylock malware is firmly targeted at the UK. BAE Systems Detica announces that cyber criminals are
targeting the UK with one of the world’s most sophisticated pieces of malware. The Shylock malware is one of the fastest growing threats posed by cyber criminals today, and its creators have built a platform over the last two years that allows them to commit large scale targeting and theft of sensitive banking data. The criminal gang operating the malware is currently targeting a small number of geographic regions and worryingly the UK has been a priority target. Detica’s research shows that the malware is being distribute