Live from “Norton Cyber Crime Day”
Sync is here in New York City for a Symantec-hosted “Norton 2010: State of Consumer Security,” a behind-the-scenes look at the cybercrime landscape today. I think you’ll find it interesting, so I’ll be blogging from the conference. Have a peek!
Live from the W – The Court hotel in New York City is a gathering of about a dozen journalists and analysts from the U.S. and Canada. We're hearing about new security threats in cyberspace and products to help combat them (disc-based or "in the cloud"). The following is a live, bulleted look at key highlights from the event:
• The day-long conference kicked off with Kevin Haley, director, Symantec Security Response, and Mark Kanok, senior product manager for Norton 360. The topic is "The Evolution of Security Threats and Security Innovations." Comically, they started with "scareware," by pretending their presentation was hijacked by a fake security software they were going to click on.
• First, a bit of history: Symantec incorporated in March 1982, went public in 1989, and focused on Macs initially. Now, Symantec employs more than 15,000 people. Back then, the floppy disc carried viruses and infected Macs and PCs. Now viruses are distributed electronically, primarily over the Internet (web and email).
• Called Live Update, Symantec in 1996 first pushed out virus definition updates via the Internet to protect PC users faster. Then, allowed consumers to send in viruses electronically to assess. Added firewall capabilities (then two-way firewall) as a new layer of defence for consumers, followed by intrusion protection technology.
• Phishing attacks grew in the early 2000s, making a website look legitimate by copying graphics and words from an authentic website, such as a bank, to get personal information from the consumer. An anti-phishing toolbar now pops up whenever someone clicks an email link, and the software ascertains if it's an illegitimate website.
• "Drive-by" downloads now popular, by loading up malware on legit sites. To address "compromised" sites, such as the United Nations websites, Symantec plugged in security vulnerabilities in IE, Firefox, etc.
• Symantec says there are more than 120 million threats out there in cyberspace. "Conficker," though, on April 1, 2009, captured a lot of the headlines. Why? It had 4.6 million active bots (infected systems) behind it; compare that to 1 million for SETI@Home or the 2 million Twitter followers of Ashton Kutcher. But it was a non-event, primarily, and did not affect U.S.-based users compared to other countries. What was the motive behind Conficker? Money? Fame? There was a lot of Y2K-style hype: CD-ROM trays were going to all pop out at the same time, it would shut down the Internet or clear out your bank balance. While not much happened on April 1, Conficker-related downloads are now getting money from individuals – fake security software asks consumers to pay $49.95 to "secure" your PC, yet in fact steals your identity by asking for your financial information. Also fake YouTube videos (need to update your Flash codec first!), fake postcards to click on, or fake Facebook groups.
• With USB sticks, what's old is new again (like floppy drives), the same propagation cycle is happening again. Symantec can block programs from running on removable drives.
• Why is it a big problem? People think "it can't happen to me." But it's very deceptive these days – especially difficult for non-technical computer users to sense what's real and what's fake (malicious).
• Ransom-ware not too common, but can lock your files up unless you type in credit card information to release your files.
• I asked about the new Internet Explorer vulnerability. Mark says they take advantage of a streaming ActiveX control to exploit systems; it comes as a gift file, or as a drive-by download, too, and then you are "owned/pwned," but there is no patch for it yet from Microsoft. Mainly for Windows XP and primarily in Asia, but popularity is "spreading." Symantec customers, though, have the virus update already, so they're protected.
• Symantec says they're shipping software on USB in some markets, primarily for netbooks, but CD and online (downloads) is still most popular
To Catch a Cyber Criminal
* At 10:30am, Symantec kicked off a panel with Michael Stawasz, Senior Counsel for CCIPS (Computer Crime & Intellectual Property Section, United States Department of Justice), and Austin Berglas, SSA Cyber Crimes Coordinator for the FBI. The two talked about how they got started, what it's like working for the government, and their motivations for fighting online crimes.
* Austin says hackers used to want to "plant their flag," for fame, but now are primarily "financially motivated." And targets are less about financial institutions today and more targeted to "vulnerabilities of the end user" coupled with security weaknesses on the PC. Is it worse now with the recession? Not really, Austin says, but overall criminal activity is up…gang members using Facebook and MySpace and cell phones to do their business. The crowd laughed when Austin said they can look at a Bloods member on Facebook and see his friends to go to for intel. They have a connection together, pictures of them posing together.
* Michael says it's getting worse, yes, but getting easier to fight back. "Our ability to deal with them is getting better." Michael deals with computer crimes, intellectual property issues and understanding how criminals use technology and then how this electronic evidence can be used back against them. Gangs might be online, creating evidence they can use about their organization, but the violence might still be limited to the streets, offline, but it helps authorities with detection and prosecution. There is some money laundering, too.
* Austin says some things easier because of Internet. Before the Internet, pedophiles would scout kids in schoolyards, malls, but now can seek out minors online, gain their trust and groom them to meet in person…"exploded because of the Internet…" Credit card scams easier online…one guy writes code in Eastern Europe, recruit U.S. people on Monster.com, malware goes out for fake card setup…they don't even know it's a crime. In 30 minutes, stole million dollars in 43 cities…that kind of crime couldn't be done before the Internet.
* Austin says they can snag these bad guys by grabbing low-level guys who reveal info that eventually leads to the top guy; it takes cooperation with countries and authorities, and there could be an undercover FBI guy near the top who can arrest the top dog. Are we winning? There has never been a time where there are more good guys and more bad guys; it's a race. Exploits in Windows will be found, and patched by Microsoft and security experts. I don't think there will be a day that law enforcement is ahead of the cyber criminals. What's good is that government is closing the gap; we're a lot closer…instead of 6 months behind, just a few days behind. Michael says they're winning by convincing people to take security seriously.
* Biggest misconceptions about cyber crime? Hackers are kids. They do it for kicks. It's all about child porn. We're only catching the stupid ones. We're able to deal with some of the more sophisticated techniques today. Another misconception: We're tapping every phone line and email – not true.
* Someone asked about child pornography and Austin talked about a couple of disturbing cases that stopped not just online traders of child porn, a big ring busted a couple of years ago, but also those who actively molest kids and record (and share) it with others. One man, around 2001, was found to have molested 13 boys age 7 through 13 after hiring them to do lawn work, etc. Very disturbing stories.
* Last question was what's the biggest challenge going forward? Biggest hurdles, says Austin, is increase in use of wireless technologies and lack of education still out there. Some can "war drive" and look for unsecured connections, hard to catch these criminals, they're super savvy, and remain fairly undetected if you're smart enough to move around, use Internet cafes, war-driving, etc. Imagine trying to be in secret service who is threatening the president, who moves around, it can be very difficult. Law enforcement has trouble keeping up.
* Michael adds we can deal with it but "scale" is an issue, a challenge. We have some innovative techniques but takes real expert and it's labour-intensive. We need to train more people, get more out in the field, to stop these cyber criminals. Get CCIPS to train prosecutors to deal with cases properly.
* Someone asked if movie or book really represents my day to day life. Michael says he doesn't read cyber stuff or watch a lot of those films because he lives it every day. Austin also says he hasn't seen TV shows and movies that are accurate…usually not as glamorous…some TV shows, like CSI, the authorities see the picture of the subject immediately…very far-fetched…that doesn't even come close (laughs)…
* Don't need to be technically savvy to be cyber criminal any more. Can purchase "kits" for a few bucks that are easy to use.
Behind the Scenes at Symantec
Wei Lin, senior director of engineering at Symantec, gave us a glimpse at Symantec and how they protect PC users from newly emerging threats.
* If Norton products were like the latest Hollywood movie, the crew behind-the-scenes would be the engineering team of the "production." Watching, analysing and protecting from threats "is time-consuming, complex and expensive." No one wants bad U.I., slow performance or poor quality. We need savvy army of engineers and suite of tools.
• We all had a chance to see these tools on a PC at our desk. We started looking at a worldwide map, colour-coded, showing malware attacks. It reflects real-time detection of attacks. Can click on a country and it zooms in and get info on infections, known sites with malware, etc. These are opted-in, anonymous Norton users who submit data back to Symantec around the globe. This is a snapshot, how it works, can read their comments, too. Very interesting, indeed. We clicked through other diagnostic tools, charts, maps and graphs that monitor global threats in real-time thanks to many thousands of sensors.
* Lin talked about the engineering challenge to make it much faster, so users don't know it's working in the background.
Norton in the Cloud
Symantec's Jody Gibney talks about non-security online services, such as back-up:
* Already there is a lot going online with Symantec: Norton SafeWeb, AntiPhishing, Norton Insight and AntiSpam. Every day, Symantec provides site ratings for 3 billion sites, 30 million people opt-in for reporting. Symantec already has more than 487 exabytes of data collected (one million gigabytes), growing 53% annually.
* Building new online service to address needs inside and outside these areas. Why? Many people use different operating systems now, such as Mac market share on the rise. Easier to cross platforms. Another reason is mobile Internet access…a mindset that the kind of things I do at home should be available anywhere. Third is new lightweight computers, like netbooks, estimated to make up 20% of all laptops sold by next year…usually limited in resources and memory so online ("in the cloud") computing is key.
* The new product Symantec is excited about is called OnlineFamily.Norton. It's all about parental controls. There's a growing gap between kids and parents; parents don't know what they're doing online, and kids have a huge number of friends (average number of 135) on social networking sites (with complex online identities), so it's hard to provide guidance and advice.
* Kids are spending about 40 hours online a month, on average.
* Growing gap between perceived and actual risks online
* Parents can see what sites they go to, what they're searching, what programs are installed and used to communicate online
* Password management is a new feature
* Online convenience is key. Don't need to be at the same PC.
* Encourages communication between parents and kids to prevent sharing personal information, etc.
The power of reputation
Kevin Haley, director, Symantec Security Response, talks about the introduction of a new approach to security, based on the concept of "reputation." This enables Symantec to provide protection that keeps pace with the changing security landscape.
* Leveraging its 130 million users, users anonymously can send in data; a reputation score is then calculated with all files collected, a search algorithm ranking not unlike how Google lists sites then "scores" the file and comes up with reputation rating to prioritize risk.
* Norton Insight has been in the works for 3 years already.
* Stay tuned to Sync for more details soon…


