
Sophisticated spam, employee errors continue unabated

By Robert Westervelt, News Editor
06 Dec 2007 | SearchSecurity.com

Security Wire Daily News

Michael Kessler has seen cybercrime at its worst.

You could have the best practices in place … but we find in more cases than not that it's human error, not machine error, that causes the problems you see today.
Michael Kessler,
founder and principal, Kessler International

The computer forensics expert and accounting fraud investigator has helped build cases against child pornographers and uncover the facts behind creepy accounting practices.

But what keeps Kessler awake at night aren't your typical criminals.

Like any other company with remote employees and hordes of spam, Kessler has to do his best to guard against malware infecting his systems. He said his Web site, investigation.com, is under constant attack, and he recently purchased an insurance policy to offset the financial risk of a data security breach.

"You could have the best practices in place … but we find in more cases than not that it's human error, not machine error, that causes the problems you see today," Kessler said.

Kessler has watched computer crime evolve for more than 35 years. He started his computer investigative firm, Kessler International, in 1988 after serving in New York as its chief of investigations for the Department of Tax and Finance. He also served as director for its Revenue Crimes Bureau, deputy inspector general for the N.Y. Metropolitan Transportation Authority, and assistant chief auditor and investigator for the New York State Special Prosecutor.

Audio download:
Security Wire Weekly: Computer forensics and accounting fraud investigator Michael Kessler, of Kessler International, discusses the latest threat landscape and how companies are locking down their sensitive data.


Today nearly everyone is affected by cybercriminals, Kessler said. The latest report supports Kessler's observation. Global spam volumes have doubled this year to 120 billion messages daily, according to a new report from Cisco Systems-owned IronPort Systems. And the messages are getting more sophisticated as spammers target employees with email that looks valid but is designed to spread malware and steal sensitive information.

"We thought spammers were Einsteins because they used a different way to package up their message with just one file type," said David Mayer, an IronPort product manager. "But in June they went from one file type to three or four."

Spam will never be brought under control as long as there is money to be made, Kessler said.

"It's always going to be a cat and mouse game," Kessler said. "As fast as the vendors put their technologies in place, the bad guys find out about it and come up with methods to destroy the technology or simply come up with a technology themselves and use it against the manufacturers. They're always one step ahead."


To guard against Microsoft Outlook Web Access getting into the hands of a hacker, Kessler uses technology from Ontario, Canada-based Messageware Inc. to secure intellectual property and terminate inactive sessions. But some of his techniques are less technical. For example, he uses software in-house to block spam and then has a person go through the quarantine daily to strip out valid emails.

"In our business we have to be careful about the methods we use to block spam," Kessler said. "We do business with mortgage companies and deal with child pornography cases, so we can't just identify specific words because many valid emails would get blocked."

The risk of sensitive data loss as a result of email messaging is increasing tremendously, said Mark Rotman, president and CEO of Messageware.

"I think that if you look at what's in email today – if you're a CFO, you have draft financials being passed around. If you're in a law firm you've got case information and a development group could have plans for next generation products," Rotman said. "Email is a line of business now and it has to be treated with more respect."

A recent report from Elk Rapids, Mich.-based research firm the Ponemon Institute found that the costs associated with a data breach grew to $197 per compromised record, an increase of 8% since 2006 and 43% compared to 2005. The risk associated with data leakage has increased so much that Kessler purchased an insurance policy to cover costs associated with data notification or serious lawsuits.

"Once a firm like mine has had a data breach, the confidence level of my clients would drop tremendously," Kessler said. "We have to have everything in place in order to make sure it doesn't happen, but if it does we need to immediately get a team in there to make the public aware and build back the confidence."


