#infosec16: Tactics of Old Are Still Used, says Mikko

#infosec16: Tactics of Old Are Still Used, says Mikko

The same problems that hit businesses in the 1980s and 1990s have not evolved in modern threat methods.

Speaking at Infosecurity Europe, F-Secure chief research officer Mikko Hypponen began his talk “Profiling the Connected Cybercriminal“ by saying that “I hunt hackers and I love it and help people solve problems”.

Talking about the emerging trend of “ransomtrojan”, Hypponen said “it feels good when we can help them”. Focusing on his recent 25th anniversary working for F-Secure and his appointment as curator for the Malware Museum for International Internet Archive, he pointed out that in 1991 the “industry did not exist then, just a bunch of small start-ups.”

However he did point out that “everything old is new again and problems thought we had solved” had returned, specifically pointing to the AIDS Trojan, and similarities to the Petya ransomware . “There were 27 years between them, but both encrypt the master boot record and demand a ransom, but the new one asks for Bitcoin but both are very similar.”

Looking at Macro viruses, Hypponen said that these were from 1995 and spread quickly and were the most common malware type in August 1995, but it was fixed with the launch of Windows 97, but now Macro comes in via email and Macros can be enabled. “If there is one thing to remember from Infosecurity Europe 2016 it is don’t click the button!”

He said: “We track 110 ransomtrojan families and these guys are like businessman and look for a return on investment as they invest in developing a new trojan and need to encrypt and decrypt files and if you don’t, no-one will pay the ransom. These groups compete with each other and hack and steal from each other.”

Hypponen concluded talking about the “fog of cyber war”, which he said comes from us not knowing about the capabilities of other countries. “We got out of previous arms race – cold war and nuclear arms race – and gone headlong into the cyber arms race and the difference is nuclear is about deterrent and has only been used two times in history. Nine countries have nuclear weapons.

“We don’t have information on cyber arms as it is invisible and under wraps and no one does testing, is the fog of the cyber war. Cyber arms are like perfect weapons. Cheap, effective and deniable and why governments interested in them.”

Source: Information Security Magazine