Finnish devil crimeware & Android's 'compulsive clickers'

Newly absorbed, acquired and assimilated by Cisco for its cyber security prowess, Sourcefire remains a subsidiary company under its own brand name.

Preventative cybercrime heuristics

The firm recently conducted a round of press and analyst meetings in the UK to discuss the inner mechanics of preventative cybercrime heuristics and point to some human behavioural realities that software application developers should be aware of in terms of the way they structure their next user-facing applications.

NOTE: heuristics (from the Greek “heuriskein” meaning “to discover”) is described as the application of experience-derived knowledge to a problem. Heuristics software looks for known sources, commonly-used text phrases and transmission or content patterns that experience has shown to be associated with e-mail containing viruses.

F ^%$! the devil!

The firm paid particular attention to Perkele.

Readers will note with interest that “perkele!” is used as a spoken interjection in modern Finnish and means “devil”, but is equivalent in meaning and intensity to a well known four letter profanity beginning with F.

In terms of form and function, Perkele is a “crimeware kit” designed to be used by script kiddies and higher level malicious hackers to construct malware for Android phones.

Perkele can ultimately help defeat the kind of multi-factor authentication typically used by many banks to protect its customers.

The problem (so says Sourcefore) is that we click without thinking…

A Sourcefire survey suggests that 90% of UK workers have clicked on a web link embedded in an email with two-thirds (66%) admitting they “very rarely first check” to ensure the link is genuine.

• 46% of surveyed workers fall into the Compulsive Clickers category.

• Cautious Clickers: 44% of those surveyed are Cautious Clickers who only occasionally click on a web link sent to them and when they do, 23% of them will check to see if the link is genuine.

• Never Clicks: Only 10% of those surveyed are in the Never Clicks category who say they would never click on a web link received via an email.

Technical director for the EMEA at Sourcefire Dominic Storey says that the issue of identity has never been more pertinent as more people are now shedding their real-world identities online and adopting digital personas.

Also in attendance for these early winter briefings was Dr Lorenzo Cavallaro, lecturer in information security at the Royal Holloway University of London

Cavallaro’s latest white paper contains the following thoughts:

“Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented.”

“Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage.”