The Internet Police: How Crime Went Online, and the Cops Followed by Nate Anderson
Author: Nate Anderson
Language: eng
Format: azw3
Tags: Non-Fiction
ISBN: 9780393240542
Publisher: W. W. Norton & Company
Published: 2013-08-01T00:00:00+00:00
The anonymity. Unlike early spammers, the Mega-D owner covered his tracks better, at least in public. He sent messages composed by others, which pointed to websites that were managed by others and distributed from hundreds of thousands of machines not linked personally to the botnet owner. The domain names publicly registered as command-and-control servers, which sent instructions to all the machines in the botnet, all featured inaccurate contact information. Even Mega-D’s spam clients didn’t know the operator’s real name; to both SpamIt and Affking, two of the largest clients, he was known only by the screen name Docent. Such protection did not ultimately help, but it was certainly several steps beyond what an earlier generation of spammers had even bothered doing.
/////
The tick/tock of measures and countermeasures has produced a spamming situation that is, to put it mildly, suboptimal. But the success of the spammers isn’t some law of nature; it’s possible that the legal or technical pressure eventually will squeeze spam tightly enough to bring the problem under control. Fifteen years of enforcement have pushed spammers toward botnets, and botnet owners to Eastern Europe. Prosecutions of people like Nikolaenko take time to realize, but they send a message: Yes, you can earn piles of money spamming, but you can’t come to the United States and spend it. Continued FTC civil actions against domestic spammers make overseeing a worldwide spam operation from within the United States a risky venture.
If countries like Russia decide to push back hard on spam, they could raise the “hassle factor” for spammers even further, and Russia has been more cooperative on spam of late. At the end of 2010, it announced a major investigation of SpamIt; the operation shut down and its owner is believed to have left the country. But the New York Times account of the SpamIt investigation is a reminder of just how unusual this reaction was. “The officials’ actions were a departure from Russia’s usual laissez faire approach to online crime,” said the paper. “Why, after years of ignoring spammers, Russian authorities have now acted has left online security experts puzzled.”
SpamHaus estimates that only 100 people in the world now are hard-core spammers, so it wouldn’t take many prosecutions to shrink the community. Technical measures to better authenticate e-mail are always being developed. Spam filters have improved, so even when spam is sent, most of it is not delivered. Private companies like Microsoft are increasingly suppressing entire botnets by cutting off their command-and-control servers (thus preventing any new spam instructions from being sent) or by removing the malware on user computers that powers the botnet. New calls to “follow the money” have led to increasing pressure on the few key banks in the world that handle the spammers’ cash. And the historical insecurity of the Windows operating system—which made botnets so simple to build for so many years—has been tightened dramatically in recent years.
But botnet creators continue to learn from the example of people like Nikolaenko and from the demise of Mega-D.
