The annual McAfee global cyber trends study into organised crime and the Internet in collaboration with leading international security experts
FOREWARD
INTRODUCTION
CHAPTER ONE: THE INCREASING CYBERTHREAT TO NATIONAL SECURITY
CHAPTER TWO: THE INCREASING THREAT TO INDIVIDUALS AND INDUSTRY
CHAPTER THREE: HI-TECH CRIME: A THRIVING ECONOMY
CHAPTER FOUR: FUTURE CHALLENGES
CONTRIBUTORS
REFERENCES
33
38
23
29
05
13
02
04
NO MATTER WHAT YOU CALL THE DARK SIDE OF THE INTERNET, IT’S A GRIM REALITY THAT
IS GROWING ALARMINGLY FAST. GLOBAL CYBERCRIME IS A MAJOR PROBLEM, COSTING
BUSINESSES AND CONSUMERS BILLIONS OF DOLLARS A YEAR, AND THE WIDER USE
OF TECHNOLOGY IN DEVELOPING COUNTRIES ONLY FURTHER OPENS THE WINDOW OF
OPPORTUNITY FOR EVILDOERS.
Where is cybercrime today? Where is it headed? At McAfee we work around the clock to answer these questions, but we recognise that we aren’t alone in our efforts. For this report we consulted with more than a dozen security specialists at top institutions such as NATO, the FBI,
SOCA, the Centre for Education and Research in Information Assurance and Security (CERIAS), the International Institute for Counter -Terrorism in Israel and the London School of Economics.
These experts are also on the front lines in the fi ght against cybercrime every day, and we asked for their insights on the state of this dangerous underworld - as well as their predictions on where it’s going next.
The conclusions? Read on for the details, but at the highest level the experts agree that cybercrime has evolved signifi cantly in complexity and scope. Espionage. Trojans. Spyware. Denial-of-service attacks. Phishing scams. Botnets. Zero-day exploits. The unfortunate reality is that no one is immune from this malicious industry’s reach — individuals, businesses, even governments. As the world has fl attened, we’ve seen a signifi cant amount of emerging threats from increasingly sophisticated groups attacking organisations around the world. And it’s only going to get worse.
At McAfee our charter is to develop technology that protects valuable data from the bad guys, but technology is only part of the solution. From individual action, to organisations securing their networks, and governments writing enforceable legislation to deter criminal behaviour, we are in a virtual arms race, and we must work together to stay ahead.
Fighting cybercrime is a 24/7 battle, a global battle, and it is far from over.
Dave DeWalt
President & CEO
McAfee Inc.
02
Dave DeWalt, President & CEO, McAfee Inc.
In 2006, the fi ndings showed how cybercriminals had started to adopt KGB-style tactics to recruit a new generation to its ranks and capitalise on the growing opportunities to exploit new technologies for fi nancial gain. It highlighted the increasing professionalism of organised crime gangs and how businesses and individuals alike are at risk of attack.
This year, McAfee has collaborated with law enforcement agencies and cybercrime experts across the world to assess the biggest looming cyber trends. The third McAfee Virtual
Criminology Report shows how cybercrime is now a global issue for everyone.
Commissioned by McAfee, Dr Ian Brown from the Oxford Internet Institute and Professor
Lilian Edwards from the Institute for Law and the Web in the UK, together with Eugene
Spafford and his team from the CERIAS centre at Purdue University in the US, undertook extensive research amongst law enforcement agencies and cybercrime experts across the globe to assess the current trends and emerging threats to security.
First, there is now a growing threat to national security as web espionage become increasingly advanced, moving from curiosity probes to well-funded and well-organised operations out for not only fi nancial, but also political or technical gain. Are we in the midst of a cyber cold war and a race for cyber supremacy?
Second, there is an increasing threat to online services because of the growth in sophistication of attack techniques. Social engineering, for example, is now being used in conjunction with phishing techniques
- making the situation even more complex and posing an increasing threat to public confi dence in the Internet.
The third and fi nal trend is the emergence of a sophisticated market in software fl aws that can be used to carry out espionage and attacks on critical government infrastructure networks. The fi ndings indicate a blurred line between legal and illegal sales of software vulnerabilities.
The report fi nishes with a look into future trends and challenges beyond 2008.
04
IN THIS CHAPTER:
• Rise of cyber spying
• 120 countries using the
Internet for web espionage
operations
• The new cyber cold war:
China at the forefront
• Critical national infrastructure network systems under attack
• More sophisticated cyber
assaults
• From curiosity probes to well-funded and well organised operations for political, military, economic and technical espionage
Peter Sommer, an expert in information systems and innovation at the London School of Economics.
CHAPTER ONE: THE INCREASING CYBER THREAT military and economic espionage
THE FOLLOWING CYBERATTACKS ON GOVERNMENT
TARGETS HAVE TAKEN PLACE IN THE LAST 12 MONTHS:
GERMANY Germany’s respected weekly, Der Spiegel, reported that China was thought to have hacked into the computer systems of Germany’s Chancellery as well as systems at three ministries, infecting the networks with spy programs. The alleged attacks occurred just before Chancellor Angela Merkel visited Beijing. Computers in the Chancellery and the
Foreign, Economics and Research ministries were targeted.
The German Federal Offi ce for the Protection of the Constitution (BfV) conducted a comprehensive search of government IT installations and prevented a further 160 giga-bytes of information being transferred to China. They described it as “the biggest digital defence ever mounted by the German state.” The information was being siphoned off almost daily by hackers in Lanzhou (northern China) in Canton Province and in Beijing. The scale and nature of the stolen data suggested that the operation could have been steered by the state.
The Chinese Embassy in Berlin described the accusation of the state-steered hacking as
“irresponsible speculation without a shred of evidence.” v
08
UNITED STATES In June 2007, a Pentagon computer network was hacked into by Chinabased perpetrators in “one of the most successful cyberattacks” on the US Department of
Defense. While it is questionable how much sensitive information was stolen, the incident succeeded in raising concerns to a new level as it highlighted how systems could be disrupted at critical times. Many were quick to point the fi nger at the Chinese military, but a
Chinese Foreign Ministry spokeswoman dismissed the allegations as “totally groundless.” ii
ESTONIA In April 2007, Estonia experienced Distributed Denial of Service (DDoS) attacks on government, news and bank servers for several weeks. The incidents followed the removal of a Soviet statue from a central Tallinn Square to the outskirts of the city. At the height of these attacks, 20,000 networks of compromised computers were linked, and analysis of the malicious traffi c showed that computers from the United States, Canada, Brazil, Vietnam and others were involved. “It was a political campaign induced by the Russians; a political campaign designed to destroy our security and destroy our society. The attacks had hierarchy and co-ordination,” said Mikhel Tammet, director of the Estonian communication and information technology department.
iii It was a probing attack from which attackers and defenders both learned a great deal.
Russian offi cials deny that claim. Kremlin spokesman Dmitri Peskov called it “out of the question” that the Russian government were involved in the attacks. iv
INDIA The National Informatics Centre (NIC) was reportedly attacked from dial-up Internet connections in China. Key intelligence offi cials claimed that hackers broke into the email accounts of 200 ministers, bureaucrats and defence offi cials and continue to raid Indian servers at the rate of three to four a day.
vi
China has denied all claims that it is behind the attacks.
NEW ZEALAND & AUSTRALIA Asia Pacifi c News reported that Chinese hackers had allegedly tried to hack into highly classifi ed government computer networks in Australia and New Zealand as part of a broader international operation to glean military secrets from
Western nations. According to news.com.au, Canberra refused to either confi rm or deny that its agencies, including the Defence Department, had been subject to cyberattack. New
Zealand Prime Minister Helen Clark confi rmed that foreign intelligence agencies had tried to hack into government computer networks but had not compromised top-secret data banks.
The Chinese Government has denied any involvement.
CHAPTER ONE: THE INCREASING CYBER THREAT military and economic espionage
HI-TECH CRIME IS NO LONGER JUST A
THREAT TO INDUSTRY AND INDIVIDUALS.
EXPERTS BELIEVE THAT CYBERTHREATS
TO NATIONAL SECURITY GLOBALLY
WILL CONSTITUTE ONE OF THE BIGGEST
SECURITY THREATS IN 2008 AND BEYOND.
Evidence suggests that governments and government-allied groups are now using the Internet for espionage and cyberattacks on the critical national infrastructure (fi nancial markets, utility providers, air traffi c control) of other countries.
There were more reported cases in 2007 than any previous year. This growing threat is acknowledged by the United States Department of Defense.
“We have seen attempts by a variety of state and non-state-sponsored organisations to gain unauthorised access to, or otherwise degrade,
Department of Defense information systems,” confi rmed a Pentagon spokesman.
i
Experts believe the Estonia attack is the fi rst real example of nation states fl exing their cyber-warfare capabilities. It certainly represents a landmark change in the way the Internet is being used.
said Ms Yael Shahar, International Institute for Counter-Terrorism, Israel.
HOW SOPHISTICATED ARE THESE
ATTACKS? FROM CURIOSITY PROBES
TO WELL-ORCHESTRATED ASSAULTS
Experts believe recent attacks have been far more sophisticated in their nature, designed specifi cally to slip under the radar of the governmental systems they were targeting.
They have progressed from initial curiosity probes to well-funded and well-organised operations for signifi cant political or economic gain.
said leading cyberexpert Dr Richard Clayton,
Cambridge University Computer Laboratory.
According to NATO analysts, many governments are still unaware of the threats facing them, and some governments are leaving themselves open to attack: “Many government offi ces don’t even know yet that they are leaking information.
Ninety-nine per cent of cases are probably still not known. Attackers are using Trojan horse
(programs that don’t replicate but cause damage or compromise computer security) software targeted at specifi c government offi ces - because they are custom-written, these Trojans are not amenable to signature detection and they can slip past anti-viral technologies, so this is a big problem. Hackers have dedicated qualityassurance capabilities that they run on all of their malware to make sure that their malware doesn’t get detected.”
NATO analysts said that while 90-95 per cent of threats to NATO members’ information systems can be avoided by standard tools and good IT practice, the latest series of attacks has served as a valuable wake-up call to governments and key industries around the world.
agrees Dr. Eugene Spafford, executive director of the
Center for Education and Research in Information
Assurance and Security (CERIAS) at Purdue University .
HOW PREPARED ARE GOVERNMENTS
AND PUBLIC-SECTOR COMPANIES FOR
CYBERATTACKS?
Spafford also said that most government agencies and companies around the world use common computing technologies and systems – the same products frequently penetrated by criminal hackers and malware.
“Increasingly, the press has been reporting numerous cyber intrusions onto governmental networks around the world. We also know that defence contractors and other vendors who provide intelligence and technical services to governments have discovered IT breaches.
There have also been reported instances of attacks against high-tech companies whose leading-edge, proprietary technology should be considered high-value targets by both competitors and by other nations. It’s not unreasonable to believe that some of these attacks may have been directed – or conducted
– by competing nation-state governments.
There’s widespread consensus that we should expect that these types of malicious activities will dramatically increase over the next few years.”
10
CHAPTER ONE: THE INCREASING CYBER THREAT military and economic espionage
DESIGNED TO TAP DEEP INTO A
NATION’S CORE INFRASTRUCTURE
NATO analysts believe that the sophistication and management of recent attacks suggest that the
Estonia experience was just the tip of the iceberg in cyber warfare. Each phase was designed to tap deep into the nation’s core infrastructure and seek out the extent to which systems and networks could stand up to relentless cyberassault. The deliberate and abrupt start and end points of the probe indicated that it wasn’t a fullscale attack, and the perpetrators will most likely apply what they have learnt to the development of future cyberattacks.
“Traditional protective measures were not enough to protect against the attacks on
Estonia’s critical national infrastructure. Botnets
(collections of zombie PCs) unsurprisingly were used, but the complexity and coordination seen during the Estonia attacks was new. There was a series of attacks with careful timing using different techniques and specifi c targets. The attackers stopped deliberately rather than being shut down,” said a NATO insider.
If Estonia was inadequately prepared, however, the same NATO insider warns that the impact of the attacks could have been far more critical and long term for other countries:
Estonia showed just how easy it was for critical national infrastructure to be compromised and experts argue that all sovereign states must properly isolate such core functions.
HOW A SUSTAINED AND TARGETED
CYBERATTACK COULD LEAD TO
NATIONAL CRISIS
The fall-out from a cyberattack on a country’s national infrastructure could be devastating.
“Hackers could create chaos by manipulating information and electronic systems that the government, the military and the private industry rely on,” said Joel Brenner of the United States
Offi ce of Counterintelligence Executive. “Water and sewer systems, electricity, fi nancial markets, payroll, air and ground traffi c control systems ... could all be subject to sophisticated attacks by both state sponsored and freelance terrorists.” vii
A CYBER COLD WAR? ARE WE IN
THE MIDST OF A CYBER COLD WAR?
EXPERTS BELIEVE WE ARE.
The Chinese have publicly stated that they are pursuing activities in cyber-espionage and in the government’s white paper, as read by McAfee
Avert Labs, they speak of technology being a large part of war in the future. The United States,
United Kingdom, Germany and several other countries are likely targets for political, military, economic and technical espionage.
And other nations may have similar plans to conduct online spying operations.
said Peter Sommer, an expert in information systems and innovation at the London School of Economics.
“Everybody is hacking everybody,” said Johannes
Ullrich, an expert with the SANS Technology
Institute, pointing to Israeli hacks against the
United States and French hacks against European
Union partners. But it is aspects of the Chinese approach that worry him. “The part I am most afraid of is...staging probes inside key industries.
It’s almost like having sleeper cells, having ways to disrupt systems when you need it if it ever came to war.” viii
And with an estimated 120 countries working on their cyberattack commands, in 10-20 years experts believe we could see countries jostling for cyber supremacy.
ix
Sommer warns that countries are undoubtedly gearing themselves to launch international all-out online attacks. The present political environment is one in which countries are testing the water to gauge the potential infl uence (and risks) of such assaults. “Government agencies are doubtless conducting research on how botnets can be turned into offensive weapons, but before launching a weapon you need to be sure what the outcome will be – you don’t want attacks to spill over to your own allies by mistake. DDoS attacks will remain a problem for public-facing government web sites, but internal sites are usually easier to protect,” he said.
“The Chinese were fi rst to use cyberattacks for political and military goals,” said James
Mulvenon, an expert on China’s military and director of the Center for Intelligence and
Research in Washington. “Whether it is a battlefi eld preparation or hacking networks connected to the German chancellor they are the fi rst state actor to jump feet fi rst into the
21st century cyber warfare technology. This is becoming a more serious and open problem.” x
Hi-tech crime is no longer just a threat to industry and individuals. National security is also under attack from cyber-espionage and cyberattacks and some governments are taking the threat very seriously and shoring up their defences.
The Australian attorney general, for example, announced after attacks this year that the government was to spend AU$70m to improve esecurity. But can all countries afford to do this?
Who is at risk in the future? Experts believe likely cybertargets are those countries which are heavily networked and reliant on the Internet as well as those countries with an unstable political environment.
12
IN THIS IN THIS CHAPTER: :
• Increasing threat to
• New technology, new threats
– ‘vishing’ and ‘phreaking’
• A run on the banks
Dr Richard Clayton, a cybersecurity expert at Cambridge University
CHAPTER TWO: THE INCREASING THREAT
CYBERCRIMINALS CONTINUE TO REFINE
THEIR MEANS OF DECEIT AS WELL AS
THE VICTIMS THEY ARE TARGETING.
As Internet users bank and shop more online and display more of their personal information on social networking sites, cybercriminals are employing increasingly sophisticated means to prise this information from them. Offi ce workers who upload and share more sensitive data via fi le sharing software are also a common target.
Organised crime is capitalising on every opportunity to exploit these new Web-based technologies to commit classic crimes such as fraud and extortion.
McAfee Avert Labs believes attacks targeted at
Web-based services will constitute one of the ten biggest global security threats in 2008.
As Internet crime, identity theft and violation of privacy increasingly become a part of public consciousness, consumer trust in online services may be severely damaged.
IN SUMMARY, EXPERTS BELIEVE THE KEY
GLOBAL THREATS AFFECTING USERS IN
2008 WILL BE:
• New and sophisticated forms of attack
• Targeting new technologies, such as peer-to- peer and VoIP services
• Targeting online social networks
• Targeting online services, in particular
GENETICALLY MODIFIED ‘SUPER’ THREATS
There is a new level of complexity in malware not seen before. These ‘super strength’ threats are more resilient, are modifi ed over and over again, and contain highly sophisticated functionality such as encryption.
A recent example of these new super strength threats to hit computer users in 2007 was Nuwar
(also known as the Storm Worm). It was the most sophisticated threat experts had ever seen ‘in the wild’. The Storm Worm set a worrying precedent.
McAfee Avert Labs expects others will ride the coattails of Storm Worm, pushing up the number of
PCs turned into bots. Bots are computer programs that give cybercrooks full control over PCs. Bot programs typically get installed surreptitiously on the PCs of unknowing computer users.
David Vaile of the Australian Legal Information
Institute and University of New South Wales warned that his research in Asia Pacifi c has uncovered a frightening world where custom viruses are written in Eastern Europe to target specifi c companies and government agencies.
According to Vaile and his team these viruses are evolving incredibly fast, drawing a comparison to recombinant DNA where all elements of the virus or Trojan are constantly recombined in order to form a new organism.
Eugene Spafford, a professor of computer sciences at Purdue University and executive director of the Center for Education and Research in Information Assurance and Security (CERIAS) agreed that the complexity of cyberthreats is evolving rapidly:
“As a trend we will continue to see fewer overt viruses and worm programs as attacks but an increase in threats that hijack PC machines with bots, Trojans and Web browsers. Another challenging trend will be the arrival of self modifying threats and threats which attack back.”
STORM WORM
Nuwar, also known as Zhelatin and ‘Storm Worm’, is one of the most prevalent strains of malware at the moment with new variants appearing almost daily. Nuwar is a Trojan horse distributed by way of massive spam campaigns with emails containing a link to a site that attempts to install the malware automatically or tricks the user is into installing the code if the automatic installation fails. All infected machines are controlled via a peer-to-peer network. The entire botnet is used to send out spam or run DDoS attacks. It may be one of the largest botnets at the moment, with the number of infected computers worldwide running into the millions.
Professor Keiji Takeda of Carnegie Mellon CyLab
Japan said: “The WINNY virus was probably originally written for kicks and/or copyright violation rather than for malicious use or by organised crime, but the effect has been catastrophic.”
“Many workers load the WINNY p-to-p system on work networks, or take home laptops with work data on them between home and the offi ce – and, as a result, corporate data has been uploaded to terrifi c embarrassment. Since leakages are not always via corporate network but from the home, data breaches are also not being stopped by corporate fi rewalls and we’ve also seen many cases in which ex-employees keep corporate data on their private PC or Hard Disk even after they have left the company and accidentally leak sensitive information.”
HOW CRIMINALS ARE TARGETING
NEW TECHNOLOGIES
As the adoption of new Internet technologies grows, so does the opportunity for cybercriminals to extort and exploit individuals and industry. In Voice over IP
(Internet Protocol) applications, for example, more than double the number of security vulnerabilities have been reported in 2007 than in all of 2006.
We have also seen several high-profi le ‘Vishing’
(phishing via VoIP) attacks and a ‘phreaking’
(hacking the telephone network to make free longdistance calls) conviction. VoIP technology is still new, and defence strategies are lagging. McAfee
Avert Labs expects a 50 per cent increase in VoIPrelated threats in 2008.
Another new target for cybercriminals is peerto-peer (p-to-p) services, in particular in Japan’s
WINNY, the most popular p-to-p service in
Asia. While not yet prevalent in the West due to bandwidth constraints, p-to-p networks such as WINNY will undoubtedly spread as global technology catches up.
WINNY P-TO-P MALWARE: THE COMING
THREAT FROM JAPAN
In the Japanese corporate sector, some 50 percent of all data breaches have been linked to malware infecting WINNY. When WINNY is corrupted, it uploads vital data from the user’s hard drive to others on the p-to-p network. When this happens to a corporate service, the results can be catastrophic.
In Japan, data has been leaked from nuclear power plants and sensitive policing investigations. Japan requires responsible corporations to make public disclosure of data breaches. However, since the data is freely available on the WINNY network, disclosure merely alerts ID thieves to what data has been newly leaked.
As p-to-p threats arrive in the West, regulators will need to be alert and not apply outdated solutions to new threats. McAfee Avert Labs have already warned that Nuwar, which uses peer-to-peer technology, may be the most dangerous piece of malware ever seen.
16
CHAPTER TWO: THE INCREASING THREAT
SOCIAL NETWORKING:
CYBERCRIMINALS
GO WHERE THE PEOPLE ARE
Assaults on consumer networking sites are becoming more unnerving. It was reported on November 8, 2007 that cybercriminals had hijacked pages on News Corp’s (NWS) social networking site MySpace including the home page of US singer Alicia Keys. Clicking nearly anywhere on the page would lead viewers to a
Web site in China that tried to trick PC users into downloading software that took over their PCs.
Social networking sites such as MySpace and
Facebook have become an attractive target for cybercriminals looking to mine personal information, to trick users with phishing scams and to serve up malware.
A new opportunity for cybercriminals is the popularity of applications on social networking sites, for example those on Facebook that allow users to send each other virtual ‘rounds of drinks’ and ‘birthday gifts’. Invariably malware writers will attempt to exploit this capability to trick users into granting access to personal information.
Cybercriminals could thus gather vast amounts of highly valuable and marketable information.
Google’s new Open Social xi protocol has already been adopted by MySpace and allows the migration of personal data between social networking sites, it too could pose a threat, according to Lilian Edwards, a leading hi-tech security expert at the Institute for Law and the
Web, University of Southampton, United Kingdom.
THE ‘COMPARE ME’ SCANDAL
One of the most popular applications on Facebook is “Compare Me”. Users are asked to say which of their friends are the hottest, the best fun to go shopping with, the most trustworthy, etc.
The app writers originally promised that only general results would be made public (e.g. “X is
3rd hottest in your friends circle!”). A few weeks later, however, it turned out that non-anonymous data (e.g. “Your friend X said Y was a better friend than you”) was being sold for US $9.
Although the potential ‘Compare Me’ damage is trivial, it shows how easy it is for cybercriminals to extract personal information from users on social networking sites. It also shows how little personal restraint users often demonstrate when sharing information and opinions online.
said Lilian Edwards.
THE INCREASING CYBERTHREAT TO THE
FINANCIAL INDUSTRY
Online fraud is already costing Internet users and businesses millions of dollars annually, but experts believe sustained targeting of customers by cybercriminals could also severely damage public trust in online banking services, and believe that to maintain trust in online banking, banks and customers need to assume joint responsibility, i.e. banks must invest in superior security measures and customers must use the tools provided.
“People are said to fear e-crime more than mugging,” said the United Kingdom’s Lord
Broers in the House of Lords Report on Personal
Internet Security. “That needs to change or else confi dence in the Internet could be destroyed.
You can’t just rely on individuals to take responsibility for their own security. They will always be out-foxed by the bad guys. We feel many of the organisations profi ting from Internet services now need to take their own share of the responsibility.”
SO WHAT IS THE FINANCIAL SECTOR
DOING TO COMBAT CYBERCRIME?
The fi nancial sector is not standing still. Many banks have introduced sophisticated security methods such as secondary authentication, though this type of advanced security is sometimes limited to high net-worth customers and availability varies by geography.
Brazil, for example, has one of the most advanced online banking systems in the world. Nearly 100 percent of Internet banking sites use HTTPS and two PINs (one to log onto the system and one to perform a transaction). Some banks also use an additional one-time-password to provide an additional layer of security. Many European banks do the same and banks in North America also are implementing additional security systems.
Not everyone, however, is convinced that efforts to address online banking security will prove effective enough, fast enough. Critics include
Dr Richard Clayton, a cybersecurity expert at
Cambridge University.
18
CHAPTER TWO: THE INCREASING THREAT
DECLINE IN PUBLIC TRUST?
While direct losses to Internet users via privacy breaches may be small, recoverable or even unnoticed, experts fear the cumulative effect could be the erosion of trust in public institutions such as banks and government agencies and in particular in doing business over the Internet.
The impact of cybercrime on consumer confi dence is already being felt in the United States. According to Gartner analysts, most consumers do not open email from companies or individuals they do not know from prior experience. Three out of four online shoppers are more cautious about where they buy goods online, and one-third report buying fewer items than they otherwise would because of security fears. US banks are already losing customers because of security concerns.
xii
A recent Ponemon Institute xiii study reveals that data breaches undermine consumer confi dence and fear of identity theft has changed consumers’ purchasing behaviour.
Sommer at the London School of Economics said communication is the key to maintaining consumer trust:
22
CHAPTER TWO: THE INCREASING THREAT
UNITED STATES Individuals lost at least $200 million to online fraud in 2006 - and that’s just the people who took the time to report their misfortune to the FBI’s Internet Crime Complaint
Centre. Those 200,000 cyberfraud victims said they were swindled out of an average of $724.
UNITED KINGDOM The Metropolitan Police broke up a UK phishing gang that had 2000 UK victims, with hundreds of thousands of pounds each month being transferred to one of fi ve phishing accounts.
20
SOUTH AFRICA According to Neville Melville, South Africa’s outgoing ombudsman for banking services, Internet banking has increased by 20 per cent in the past year.
As South Africans’ use of the Web to perform business transactions, including banking and shopping, grows, they run an increased risk of becoming victims of cybercrime, which research indicates has become the fastest growing white collar crime in the country.
Melville said that cybercriminals are taking advantage of the fact that the country lacks proper legislation to deal with Internet crime, adding that the police and judicial system also lack resources and equipment to effectively investigate crimes and successfully prosecute cybercriminals.
“At the moment, cybercriminals see Africa as a safe haven to operate illegally with impunity,” said Hamadoun Toure, secretary-general of the Geneva-based ITU. “Cybercrime in Africa and other developing regions will become even worse as broadband technology takes off, allowing criminals to operate more effectively.” xiv
SWEDEN In what is believed to be the biggest online heist to date, in early 2007, Internet fraudsters stole around 8m kronor ($1.1m; £576,000) from account holders at Swedish bank
Nordea. An estimated 250 customers were duped into falling for phishing emails containing a tailor-made Trojan sent in the name of the bank encouraging people to download a ‘spam fi ghting’ application.
Once the Trojan was downloaded it recorded keystrokes that were activated as users tried to log into the Nordea online banking site. They were then redirected to a false homepage, where their log-in details were recorded and used by criminals on the real bank site to steal money from their accounts.
BRAZIL Brazil has been suffering for some years from a plague of Trojans called PWS-
Bankers (PWS stands for password stealers). The fi nance industry is by far the preferred target for cybercrime in Brazil.
In 2005, Febraban (the Brazilian Banks Federation) estimated the losses at R$300m
(US$165m) due to virtual fraud.
According to Febraban, “Brazilian banks are concerned with this new fraud / hacking scenario, but they are aware that the technology innovation has gone past the point of no return, either due to the evident benefi ts to customers – who gain time and convenience for transactions anywhere or due to the sheer effi ciency gains provided by the new channels to the Brazilian fi nancial system.”
BANCO DE BRASIL On June 16, 2007, Banco de Brasil released a new Internet banking Web site, updating everything in its design. Banco de Brasil is one of the most targeted banks in the country and most data-thieving malware aimed at the bank’s customers was designed for the old site.
Within a few days, a source-code repository of PWS-Bankers was discovered by McAfee
Avert Labs revealing plenty of fi les targeting Brazilian banks. One fi le in particular caught their attention – ‘New Banco de Brasil Screen.jpg’. It was dated June 21 and had the new password screen of the Banco de Brasil Web site. Assuming the dates are accurate, in fewer than fi ve days the criminals had created a functional PWS-Banker Trojan that was ready to pose as the new bank site.
IN THIS CHAPTER:
• Laws of supply and
• ‘White market’ fuelling thriving black market
• The Virtual Arms Trade
CHAPTER THREE: HI-TECH CRIME: A THRIVING ECONOMY military and economic espionage:
THE THIRD GLOBAL SECURITY TREND
IDENTIFIED BY SECURITY EXPERTS CONSULTED
IS THE EMERGENCE OF AN ENTIRE ECONOMY
GEARED TO OUTFIT CRIMINALS WITH THE
TOOLS FOR CYBERCRIME.
An entire economy now exists to outfi t criminals with the virtual tools they need to commit cybercrime.
This thriving underworld includes specialised auction sites, product advertising and even support services.
Competition is becoming so intense that ‘customer service’ has now become a specifi c selling point when organised crime gangs are looking to use or rent botnet time (to send out spam, jam a website or even monitor keystrokes to detect people’s passwords) or have malware created for them. Here is an overview of the emerging trends in this sector of the cybercrime economy:
LEASE A BOTNET
Computer skills are no longer necessary to execute cybercrime. Botnets have become tools which can be bought, sold and stockpiled like guns or drugs; they can even be traded or leased. This enables perpetrators with fewer technical skills to commit crimes.
xv On the fl ipside, malware writers do not even need to commit the crimes themselves to make it fi nancially viable; they can simply sell the tools to do so. People can subscribe to tools that keep them up to date with the latest vulnerabilities, for example MPACK or Pinch which includes a support service to ensure it utilises the latest vulnerabilities and even tests itself against security solutions to validate effectiveness.
CHEAP AS BOTNETS
With so many PCs now infected, competition to supply botnets has become intense and the cost of buying and leasing them has tumbled. Around fi ve per cent of all global machines may be zombies
– and the cost of renting a platform for spamming is now around $US.037 per zombie per week (Source:
UK House of Lords Report into Personal Internet
Security, 2007).
MADE TO MEASURE
A budget of as little as $US25 to $1,500 can buy you a
Trojan that is built to steal credit card data and mail it to you. Malware is being custom written to target specifi c companies and agencies.
Whilst many of these services are labeled as being sold for ‘education purposes’ or purely for proof of concept testing, it is clear that they could do damage if they fell into the wrong hands or were sold by people with malicious intent. The cycle of supply and demand is enabling the commercialisation of cybercrime.
HOW THE SECRET VIRTUAL ARMS
TRADE IS CAUSING CONCERN FOR
GOVERNMENTS
The black market for stolen data (e.g. credit cards, emails, Skype accounts, etc.) is now well-developed and the cost of obtaining credit card details could be from $US.50 to fi ve dollars or more.
However, it is another black market that is causing alarm to governments and world capitals
- zero day exploits.
Zero-day exploits: Computer code that exploits a vulnerability for which a patch is not yet available.
In January 2006, a Microsoft WMF exploit was sold in an online auction for $US4,000 and it was believed to have been be sold to more than one ‘black hat’ buyer (a person who compromises the security of a computer system without permission from an authorised party, typically with malicious intent).
Investigations showed that the exploit was later used by at least one buyer to capture machines to spread ‘pump and dump’ spam (email campaigns designed to infl ate stock prices with bogus insider information.
There is also evidence to suggest that $US4,000 is fairly low and perhaps ‘devalues the market’.
The pictured email [I will buy for more] implies that exploits can fetch up to $75,000.
Exploits are a weapon that can be used to infl ict damage on corporations, competitors or governments. They open ‘back doors’ in programs, allowing theft of personal data such as bank account details, and they can even infl ict signifi cant damage on the infrastructure of a nation or be used for cyber-espionage. “There is no magic involved in cyber-espionage, all anyone has to do is exploit some fl aw or vulnerability,” said Shawn Carpenter, principal forensic analyst at Netwitness. These vulnerabilities can also be used to blackmail the vendor of the affected software.
26
CHAPTER THREE: HI-TECH CRIME: A THRIVING ECONOMY military and economic espionage:
CAN THIS MARKET EVER BE LEGAL?
Many people might be shocked to learn there is a legal ‘white market’ in the buying and selling of these zero-day vulnerabilities. Using contracts and non-disclosure agreements with legitimate organisations, companies openly buy these software fl aws. Examples include Tipping
Point (owned by 3Com) and iDefense (owned by Verisign). Governments also actively employ experts to hunt for fl aws.
SHOULD THE SALE OF EXPLOITS
BE ILLEGAL?
Security experts and economists do not agree on whether a ‘white market’ should be allowed. There is a school of thought that believes that discovering an exploit is hard work and that researchers should be paid for it, since their work is for the public good. On the other hand, software writers argue that a bug in their software is not something that should be saleable back to them, or worse still, someone else.
Whilst experts agree vulnerabilities need to be discovered, many still feel uneasy about this
‘white market’. Both the aforementioned major players on the white market engage in ‘responsible disclosure’, i.e. they disclose the vulnerability to the software vendor after they have made it known to their own customers. The vulnerability is thus eventually fi xed or patched. However, a time gap inevitably exists between when a vulnerability is found and when the vendor patches it.
Evidence suggests that where a ‘white market’ exists, there is always a danger that exploits can fall into the wrong hands. The United States, to prevent exactly that from happening, is currently attempting to pass legislation to block the sale of
3Com, which owns Tipping Point, to a large Chinese company with government links.
As a member and contributor to the Organisation for Internet Safety (OIS), McAfee believes that the existence of a legal ‘white market’ is not in the best public interest and advocates ethical disclosure.
“We believe that the only way to secure networks is to make disclosure solely about ethics rather than notoriety or fi nancial reward,” said David Coffey,
Director of Product Security at McAfee.
Unfortunately, a black market for exploits will always exist, but by allowing a ‘white market’ it is possible that we are increasing the danger that vulnerabilities will fall into the wrong hands.
28
IN THIS CHAPTER:
• Some countries to become known as safe havens for
cybercriminals
• We will see the fi rst international action on countries harbouring
cybercriminals
• Governments will pursue punitive action against specifi c individuals and companies that attack
• Action will prompt a dynamic change in the landscape
CHAPTER FOUR: FUTURE CHALLENGES
How the internet has become a weapon for political, military and economic espionage:
HAVING ANALYSED THE EVOLUTION AND
DEVELOPMENT OF CYBERCRIME TO DATE,
MCAFEE AND EXPERTS FROM THE CENTRE FOR
EDUCATION AND RESEARCH IN INFORMATION
ASSURANCE AND SECURITY (CERIAS) IN THE
UNITED STATES BELIEVE THE FOLLOWING
TRENDS WILL START EMERGING OVER THE
COMING YEARS.
Increase in safe havens for cybercriminals:
The need for international agreement
The inevitable reality is that some countries will become known as safe havens for cybercriminals and international pressure to crack down won’t work well in those countries where the government has fi nancial ties to criminals or has a political agenda encouraging them.
Watch for the fi rst international action on this issue within the next fi ve years.
The good news isthat some countries that are known sources of malware are already taking action to effect change. Russia, for example, has just formed an e-crime unit. In cyber-policing, the
West is recognising that being international is a requirement rather than an option.
International collaboration on this level, however, will not happen overnight. Despite the
Cybercrime Convention and EC initiatives on information attacks, global co-operation on cyberenforcement is still diffi cult and costly. NATO and the U.S. Airforce Command have been brought in specifi cally to look at threats against nations, but mainstream cybercrime needs to rise up the international agenda.
Unfortunately, there is some belief that it will take cybercrime to become fi rmly rooted in society and to grow beyond a ‘manageable risk’ before it is tackled on a large scale. When that happens, just as with drugs and gambling, it will receive the resources and attention to properly start tackling it on a national and global level.
The belief is that in the next few years, governments will pursue punitive action against the specifi c individuals and companies that attack countries. They will get aggressive and go after them, regardless of the location.
Once this happens, this will prompt a dynamic change in the landscape. Cyber-criminals will no longer undertake cybercrime in certain areas because it will present a much greater risk, even to their personal safety. said Sharon Lemon, SOCA, the United Kingdom’s Serious
Organised Crime Agency.
LEGAL SOLUTIONS TO MITIGATE
CYBER-INSECURITY
We will see governments putting pressure on intermediary bodies that have the skills and resources, such as banks, ISPs and software vendors, to protect the public from malware, hacking and social engineering. We’ve already seen the Federal Trade Commission in the US calling for action. It’s likely that industry will resist these moves and governments will need to balance the economic impact on industry sectors with public concern for cyber-security. The likeliest outcome will be a growth in ‘soft-law’ – industry sector codes of practice demanding improved security measures, backed possibly by kitemarking, guarantees and insurance.
CHANGES IN HOW WE THINK
OF SECURITY
We will also see greater connectivity, more embedded systems and less obvious perimeters which will all require a change in how we think about security. But the changes will be slow in coming.
Compliance rules and laws will drive some signifi cant upgrades and changes, but not all will be appropriate as the technology changes. Some compliance requirements may actually expose organisations to attack. Related to compliance, the enforcement of external rights (e.g. copyright using digital rights management will lead to greater complexity in systems and more legal wrangling.
Individual civil suits for security breaches will start to appear, although their growth in Europe is likely to be slower due to a different class action culture than in the US. Security standards of reasonable care for industry will need to be far more closely defi ned as regulators become more interested in both corporate and user security.
Finally, there is a growing realisation that massive data stores, mirroring, RAID, backups and more mean that data never really goes away. This will be a boon to some law enforcement activities, but it will also be a burden for companies in civil lawsuits and a continuing threat to individual privacy.
32
How the internet has become a weapon for political, military and economic espionage:
EMEA:
DR IAN BROWN – RESEARCH FELLOW
AT THE OXFORD INTERNET INSTITUTE
OXFORD UNIVERSITY
Dr Ian Brown is a research fellow at the Oxford
Internet Institute, Oxford University, and an honorary senior lecturer at University College
London. His work is focused on public policy issues around information and the Internet, particularly privacy, copyright and e-democracy. He also works on the more technical fi elds of information security, networking and healthcare informatics.
He is a Fellow of the Royal Society of Arts and the British Computer Society, and an adviser to
Privacy International, the Open Rights Group, the Foundation for Information Policy Research and Greenpeace. He has consulted for the US government, JP Morgan, Credit Suisse, the
European Commission and the UK Information
Commissioner’s Offi ce.
In 2004 he was voted as one of the 100 most infl uential people in the development of the
Internet in the UK over the previous decade.
LILIAN EDWARDS – INSTITUTE FOR LAW AND THE
WEB (ILAWS), UNIVERSITY OF SOUTHAMPTON
Lilian Edwards is Professor of Internet Law at Southampton, and Director of ILAWS. Her research interests are generally in the law relating to the Internet, the Web and new technologies, with a European and comparative focus. Her current research focus is on Internet content
(pornography, libel, spam, etc.); intermediary/ISP liability on the Internet; jurisdiction on the Internet; privacy and data protection on-line; cybercrime and cyber-security; and consumer protection on line. She has co-edited two bestselling collections on Law and the Internet and a third collection of essays The New Legal Framework for E-
Commerce in Europe .
Her work in on-line consumer privacy won the
Barbara Wellbery Memorial Prize in 2004 for the best solution to the problem of privacy and transglobal data fl ows. She is an adviser to
BILETA, EURIM, Creative Commons Scotland, and the Online Rights Group and has consulted for the
European Commission.
SHARON LEMON – HEAD OF E-CRIME, SERIOUS
ORGANISED CRIME AGENCY (SOCA)
The Serious Organised Crime Agency (SOCA) is an Executive Non-Departmental Public Body sponsored by, but operationally independent from, the Home Offi ce.
Detective Superintendent Sharon Lemon is the
Head of E-Crime at SOCA.
BOB BURLS MSC – DETECTIVE CONSTABLE,
METROPOLITAN POLICE COMPUTER CRIME UNIT
The Computer Crime Unit is a centre of excellence in regard to computer and cybercrime committed under the Computer Misuse Act 1990, notably hacking, maliciously creating and spreading viruses and counterfeit software. The unit provides a computer forensic duty offi cer and offers computer evidence retrieval advice to offi cers.
Personal biography not available.
YAEL SHAHAR - DIRECTOR, DATABASE PROJECT
INSTITUTE FOR COUNTER-TERRORISM, IDC
HERZLIYA
Yael Shahar heads ICT’s OSINT and database project. She designed the ICT terrorist connections database and the terrorist incidents database, used for tracking links between terrorist individuals, front companies, and organisations.
Ms. Shahar specialises in the study of technological trends as applied to terrorism and intelligence sharing. She lectures on terrorism trends, non-conventional terrorism, and threat assessment at the International Policy Institute for Counter Terrorism, Interdisciplinary Center
Herzliya, as well as security conferences and seminars worldwide.
Ms. Shahar’s primarily responsibility is conducting open-source datamining in support of ICT research projects, as well as venue-specifi c threat assessments for ICT’s commercial clients.
Her background is in physics, database design, and security and installation protection. She served as a reservist in the IDF hostage rescue unit, and as a sniper in Israel’s Border Guard ‘Matmid’ units.
34
How the internet has become a weapon for political, military and economic espionage:
PETER SOMMER – SENIOR RESEARCH FELLOW
AT THE LONDON SCHOOL OF ECONOMICS’
INFORMATION SYSTEMS INTEGRITY GROUP.
Peter Sommer’s main research interest is the reliability of digital evidence, a subject which encompasses forensic computing and ecommerce. He has helped developed the LSE’s social -science orientated courses on information security management. In the last Parliament he was Specialist Advisor to the UK House of
Commons Trade and Industry Select Committee while it scrutinised UK policy and legislation on e-commerce. He was part of the UK Offi ce of
Science Technology’s Foresight Study, Cyber Trust,
Cybercrime. He sits on a number of UK Government
Advisory Panels. Recent research contracts have been carried out for the UK Financial Services
Authority and the European Commission’s Safer
Internet Action Plan. He is currently part of the
European FIDIS Network of Excellence and also a member of the Reference Group (review mechanism) of another European Commission initiative, PRIME.
He is an external examiner at the Royal Military
College of Science and an advisor on a number of law enforcement and other committees concerned with cyber-crime and emergency response. He has advised Centrex, which provides hi-tech crime training to UK law enforcement, and TWED-DE, a US DoJ-funded exercise to develop training on digital evidence. He has also lectured at UK and US law enforcement seminars on cyber-evidence and intelligence matters.
He was on the programme committee for
FIRST 2000 in Chicago.
Peter Sommer acts as an advisor and surveyor for leading insurers of complex computer systems. His fi rst expert witness assignment was in 1985 and his casework has included the Datastream Cowboy /
Rome Labs international systems hack, the Demon v Godfrey Internet libel, NCS Operation Cathedral,
Operation Ore and many other cases involving such diverse crimes as multiple murder, forgery, software piracy, bank fraud, credit card cloning and the sale of Offi cial Secrets.
He is on the Advisory Council of the Foundation for
Information Policy Research, a UK-based think tank.
RICHARD CLAYTON – CAMBRIDGE UNIVERSITY
COMPUTER LABORATORY
The Computer Laboratory at Cambridge is the
Computer science department of University_of_
Cambridge. The Cambridge Diploma in Computer
Science was the world’s fi rst taught course in computing, starting in 1953.
Richard Clayton is a leading security researcher and a long time contributor to UK security policy working groups.
UNITED STATES:
EUGENE H SPAFFORD – PROFESSOR OF
COMPUTER SCIENCES, PURDUE UNIVERSITY
AND EXECUTIVE DIRECTOR OF THE CENTRE FOR
EDUCATION AND RESEARCH IN INFORMATION
ASSURANCE AND SECURITY (CERIAS)
Eugene H. Spafford is one of the most senior and recognised leaders in the fi eld of computing. He has an on-going record of accomplishment as a senior advisor and consultant on issues of security, education, cybercrime and computing policy to a number of major companies, law enforcement organisations, academic and government agencies, including Microsoft, Intel, Unisys, the US
Air Force, the National Security Agency, the GAO, the Federal Bureau of Investigation, the National
Science Foundation, the Department of Energy, and two Presidents of the United States.
With nearly three decades of experience as a researcher and instructor, Professor Spafford has worked in software engineering, reliable distributed computing, host and network security, digital forensics, computing policy, and computing curriculum design. He is responsible for a number of ‘ in several of these areas.
ANDREA M. MATWYSHYN –
ASSISTANT PROFESSOR OF LEGAL STUDIES
AND BUSINESS ETHICS, WHARTON, UNIVERSITY
OF PENNSYLVANIA
Andrea M. Matwyshyn is an assistant professor of
Legal Studies and Business Ethics at the Wharton
School at University of Pennsylvania and an affi liate of the Centre for Economics & Policy at the
University of Cambridge.
Andrea’s research and consulting focus is in the area of corporate information security and technology law and policy. Prior to entering academia, she practised law as a corporate attorney focusing on technology transactions.
FRED DOYLE - CISSP/GCIH/GREM, DIRECTOR,
IDEFENSE RESEARCH LAB, IDEFENSE VERISIGN.
iDefense Labs in provides comprehensive, actionable intelligence regarding cyber security threats and vulnerabilities to the largest fi nancial services fi rms, government agencies, retailers and other large enterprises. Its multi-lingual network of hundreds of research contributors in over 30 countries offers early and unique insight into the cyber underground and previously unknown software vulnerabilities. This insight provides our customers with intelligence to aid them in making decisions in response to threats on a real-time basis.
36
How the internet has become a weapon for political, military and economic espionage:
SOUTH AMERICA:
RENATO OPICE BLUM AND RUBIA MARIA FERRÃO
- OPICE BLUM ADVOGADOS ASSOCIADOS
Opice Blum Advogados Associados has years of solid experience in the main areas of law, especially in technology, electronic law, information technology and its variations. As pioneer in those matters, it also acts in mediations, arbitration, oral sustaining in Court, bio-law, typical technological contracts, cybercrimes etc.
It acts throughout the Brazilian territory and has international correspondents in the main fi nancial centres, such as Miami and New York.
As a member of institutional organisations, it contributes to the evolution of the law related to technological development. It is outstanding as founding partner of the Brazilian Chamber of
Electronic Commerce, member of the Computation
Brazilian Society, among other institutions.
Personal biographies not available.
APAC:
GRAEME EDWARDS - DETECTIVE SENIOR
CONSTABLE, COMPUTER CRIME INVESTIGATION
UNIT, QUEENSLAND POLICE SERVICE
The Computer Crime Investigation Unit (CCIU) within the Major Fraud Investigation Group (MFIG) was established in 2000 and is responsible for investigating all computer-related crimes, mainly fraud-related offences committed on e-retailers, e-commerce or on Internet users. The Unit also assesses and provides advice and assistance on matters involving hacking, denial of service or Internet stalking. The CCIU currently has a staffi ng strength of fi ve police offi cers and one administration offi cer.
Personal biography not available.
DAVID VAILE – EXECUTIVE DIRECTOR, CYBER
LAW AND POLICY CENTRE, UNIVERSITY
OF NEW SOUTH WALES
David Vaile became the Cyberspace Law and
Policy Centre’s fi rst executive director in 2002. He coordinates the Centre’s support for ARC research projects such as Unlocking IP, Interpreting Privacy
Principles and Regulating Online Investing, and teaches Cyberspace Law and Law in the Information
Age. His background in law, IT and communications includes legal research (Legal Aid NSW), data protection (Privacy Commissioner’s Offi ce), pro bono, public interest and test case litigation (Public
Interest Advocacy Centre), a virtual community for advocates (with the Law Foundation of NSW), organisational governance, database development, and online professional education.
His research interests in cyberspace law and policy include privacy and data protection, IT security, jurisdiction online, copyright and digital intellectual property, e-health, risk management and user-centred design. He is also a member of the
Information Security World Advisory Board, and the board of the Australian Privacy Foundation.
JAPAN:
PROFESSOR KEIJI TAKEDA – CARNEGIE MELLON
CYLAB JAPAN
Professor Takeda has worked for the Defence
Agency of Japan, Japan Air Self Defence Force, and Accenture. He is currently at a faculty of
Carnegie Mellon CyLab Japan and an adjunct faculty at Carnegie Mellon Information Network
Institute. He has conducted R&D, operation, education, and consultation in the information security area. He received a Ph.D. in Media and
Governance at Keio University.
REFERENCES: i http://www.timesonline.co.uk/tol/news/world/asia/article2388375.ece
ii http://www.guardian.co.uk/china/story/0,,2162161,00.html
iii http://news.zdnet.co.uk/security/0,1000000189,39290289,00.htm
iv http://www.washingtonpost.com/wp-dyn/content/article/2007/05/18/AR2007051802122_2.html
v http://www.timesonline.co.uk/tol/news/world/europe/article2332130.ece
vi http://security4all.blogspot.com/2007/10/chinese-hit-india-3-4-times-day.html
vii http://www.cnn.com/2007/US/10/19/cyber.threats/ viii http://www.csmonitor.com/2007/0914/p01s01-woap.html
ix http://www.csmonitor.com/2007/0914/p01s01-woap.htm
x http://seattletimes.nwsource.com/html/nationworld/2003886833_chinahack16.html
xi http://news.bbc.co.uk/1/hi/technology/7070815.stm xii http://www.fi nextra.com/fullstory.asp?id=16204 xiii http://www.ponemon.org/ xiv http://www.spaminspector.org/Internet-Fraud/SouthAfricaInternetBankingFraud_12817.html
xv http://news.bbc.co.uk/2/hi/technology/6976308.stm
McAfee, Inc., the leading dedicated security technology company, headquartered in Santa Clara, California, delivers proactive and proven solutions and services that secure systems and networks around the world. With its unmatched security expertise and commitment to innovation, McAfee empowers home users, businesses, the pubic sector, and service providers with the ability to block attacks, prevent disruptions, and continuously track and improve their security. http://mcafee.com
McAfee, Avert and/or other noted McAfee related products contained herein are registered trademarks or trademarks of McAfee, Inc., and/or its affi liates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-McAfee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners.
© 2007 McAfee, Inc. All rights reserved.
We endeavour to ensure that the information contained in the McAfee Virtual Criminology Report is correct; however, due to the ever changing state in
Cybersecurity we do not warrant its total completeness or accuracy.
38
McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054, 888.847.8766, www.mcafee.com
McAfee {include relevant trademarks listed in the document} and/or other noted McAfee related products contained herein are registered trademarks or trademarks of McAfee, Inc., and/or its affi liates in the US and/or other countries.
McAfee Red in connection with security is distinctive of McAfee brand products. Any other non-McAfee related products, registered and/or unregistered trademarks contained herein is only by reference and are the sole property of their respective owners. © 2007 McAfee, Inc. All rights reserved.