It’s been said over and over and over (ad nauseum) but, just in case, I’ll go ahead and say it again. The folks that write (and use) viruses and malware are almost always in it for the same reason…. MONEY. Whether it’s using a compromised comptuer to store scammed credit card numbers from a skimmer at an ATM or to host porn or for extortion, a network of compromised computers is a significant asset for a dirtbag. We have done demonstrations of how some of these work and how they can be used but the situation noted in the article linked below drives right to the point. There’s no three way relationship necessary to make money, you just get your warez installed on the right person’s computer via carefully crafted phishing email and bam, you’ve got access to identities and cash at your fingertips. Two other things that the article does a good job of explaining is a) the role and [in]ability of antivirus in planning your defense and b) the role and importance of staying current on updates (this one is specific to Java updates, but it’s pertinent to anything that has a significant exploit).
If you take anything from this, let it be the following:
- Install your updates. If you don’t know how, get someone that does to install them.
- Don’t trust anyone when it comes to links in email. The attached article does a very good job of showing the ‘mouse over link’ test. Learn it and use it.
- Be vigilant about antivirus updates but understand the limitations of antivirus.
- Know that you are the last line of defense when it comes to defending your network
http://isc.sans.edu/diary.html?storyid=13840&rss