Sophisticated spam, employee errors continue unabated

By Robert Westervelt, News Editor 06 Dec 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

Michael Kessler has seen cybercrime at its worst.

You could have the best practices in place … but we find in more cases than not that its human error, not machine error that causes the problems you see today. Michael Kessler, founder and principal, Kessler International

The computer forensics expert and accounting fraud investigator has helped build cases against child pornographers and uncover the facts behind creepy accounting practices.

But what keeps Kessler awake at night aren't your typical criminals.

Like any other company with remote employees and hordes of spam, Kessler has to do his best to guard against malware infecting his systems. He said his Web site, investigation.com, is under constant attack, and he recently purchased an insurance policy to offset the financial risk of a data security breach.

"You could have the best practices in place … but we find in more cases than not that its human error, not machine error that causes the problems you see today," Kessler said.

Kessler has watched computer crime evolve for more than 35 years. He started his computer investigative firm, Kessler International in 1988 after serving in New York as its chief of investigations for the Department of Tax and Finance. He also served as director for its Revenue Crimes Bureau, deputy inspector general for the N.Y. Metropolitan Transportation Authority, and assistant chief auditor and investigator for the New York State Special Prosecutor.

Audio download: Security Wire Weekly: Computer forensics and accounting fraud investigator Michael Kessler, of Kessler International discusses the latest threat landscape and how companies are locking down their sensitive data. >>>Download MP3

Today nearly everyone is affected by cybercriminals, Kessler said. The latest report supports Kessler's observation. Global spam volumes have doubled this year to 120 billion messages daily, according to a new report from Cisco Systems-owned ironport Systems. And the messages are getting more sophisticated as spammers target employees with email that looks valid but is designed to spread malware and steal sensitive information.

"We thought spammers were Einsteins because they used a different way to package up their message with just one file type," said David Mayer, an Ironport product manager. "But in June they went from one file type to three or four."

Spam will never be brought under control as long as there is money to be made, Kessler said.

"It's always going to be a cat and mouse game," Kessler said. "As fast as the vendors put their technologies in place, the bad guys find out about it and come up with methods to destroy the technology or simply come up with a technology themselves and use it against the manufacturers. They're always one step ahead."

Spam defense: Spam 2.0: New threats and new strategies: In the war on spam, new battlefronts are constantly emerging. Learn how security professionals can stay on top of the latest email threats.

To guard against Microsoft Outlook Web Access getting into the hands of a hacker, Kessler uses technology from Ontario, Canada-based Messageware Inc. to secure intellectual property and terminate inactive sessions. But some of his techniques are less technical. For example, he uses software in-house to block spam and then has a person go through the quarantine daily to strip out valid emails.

"In our business we have to be careful about the methods we use to block spam," Kessler said. "We do business with mortgage companies and deal with child pornography cases, so we can't just identify specific words because many valid emails would get blocked."

The risk of sensitive data loss as a result of email messaging is increasing tremendously, said Mark Rotman, president and CEO of Messageware.

"I think that if you look at what's in email today – if you're a CFO, you have draft financials being passed around. If you're in a law firm you've got case information and a development group could have plans for next generation products," Rotman said. "Email is a line of business now and it has to be treated with more respect."

A recent report from Elk Rapids, Mich.-based research firm, the Ponemon Institute, found that the costs associated with a data breach grew to $197 per compromised record, an increase of 8% since 2006 and 43% compared to 2005. The risk associated with a data leakage has increased so much that Kessler purchased an insurance policy to cover costs associated with data notification or serious lawsuits.

"Once firm like mine has had a data breach the confidence level of my clients would drop tremendously," Kessler said. "We have to have everything in place in order to make sure it doesn't happen, but if it does we need to immediately get a team in there to make the public aware and build back the confidence."

Tags: Identity Theft and Data Security Breaches,  Malware, Viruses, Trojans and Spyware,  Enterprise Risk Management: Metrics and Assessments,  Email and Messaging Threats (spam, phishing, instant messaging),  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Identity Theft and Data Security Breaches Chip and PIN adoption serves lesson for U.S. payment industry Group to shed light on secure identity management threats Heartland CIO is critical of First Data's credit card tokenization plan Heartland CIO on end-to-end encryption, credit card tokenization Heartland CIO on PCI, E3 project Visa probes tokens, encryption for PCI card data protection University data breach exposes 163,000 women to identity theft TJX thrives following breach, bucks sour economy Security expert's PCI analysis misguided, says PCI Council GM External attacks start with unintentional mistakes, survey finds Malware, Viruses, Trojans and Spyware Schneier-Ranum Face-Off: Is antivirus dead? Modern malware, stealthy botnets, adapt quickly, expert says Computer worm infections up, scareware antivirus down, Microsoft says Web-based attacks skyrocket, pirating sites surge, security firms say Mini guide: How to remove and prevent Trojans, malware and spyware Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials Breach forces payroll service provider PayChoice to shut down again RSA research underscores problem tracking cybercriminals Conficker analysis finds P2P coding limited, less sophisticated Enterprise Risk Management: Metrics and Assessments How to avoid Internet liability lawsuits Bruce Jones: Report Security and Risk Metrics in a Business-Friendly Way Bernie Rominski: Communicate Effectively with Management about Risk Best Policy and Risk Management Products Monitoring program data and internal controls for risk management Risk management strategy for an information technology solution provider Align your data protection efforts with GRC The basics of enterprise GRC project management RSA council addresses growing security risks in the cloud How to write a risk methodology that blends business, security needs Enterprise Risk Management: Metrics and Assessments Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary bot worm  (SearchSecurity.com) CISP-PCI  (SearchFinancialSecurity.com) cookie poisoning  (SearchSecurity.com) drive-by pharming  (SearchSecurity.com) extrusion prevention  (SearchSecurity.com) identity theft  (SearchSecurity.com) parameter tampering  (SearchSecurity.com) pretexting  (SearchCIO.com) Rock Phish  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary