Just finished the book: SPAM NATION by Brian Krebs. I received it after I had the opportunity to listen to him speak at the CyberCrime Symposium a couple weeks ago in Portsmouth, NH. As I listened to Brian explain how he engaged the SPAM community to gain inside information about how this massive crime organization ticked, I thought to myself: Dude, you are crazy!
As I read the book and the stories started to unfold, I was amazed at the soap-opera like events that surrounded the lives of those involved with the “SPAM NATION”. The ingenious efforts of the cyber criminals (mainly in Russia) are clever and ultimately very devious. The egos involved, the money and the massive botnets available to them was eye opening but, most of all – scary. If you’ve never feared being infected by a bot, you need to read this.
Perhaps you’ve never purchased as a result of a spam message and because of this you may think it hasn’t impacted your life. The great SPAM NATION is much more than cheap knockoff prescription drugs, DDoS attacks and unknowingly hosting illegal web sites. I would agree that most who read this book are not direct victims of SPAM. However, the companies we work for, our families, neighbors, co-workers are becoming unwilling participates even if they don’t purchase items advertised in SPAM.
The SPAM NATION is growing because a vast amount of people are still clicking. This click, even if they don’t purchase leads to an infection. And if they didn’t click on something in an email but, maybe they clicked on a link they received via Twitter, Facebook, Linkedin or other social media they ARE getting infected. This is true even on properly patched computers.
Home security efforts are some of the weakest found in cyber defense. These people work for well protected companies but, some of them pick up the infections at home, at public WIFIs and then get on-line when they get to the office. Ultimately the malware piggybacks its way right past the most expensive protection efforts. In short – ALL systems fail against the inevitable spread of these contagions.
This book is our window into a growing sophisticated community that will likely unleash even more frightening hacks in the near future. If you are one of those that thinks the SPAM NATION doesn’t impact you, prepare for a new wave of cybercrime involving crypto lockers and more targeted attacks. I don’t just mean DDoS. They are stealing your account information at major retailers such as Dell, Fedex, UPS, Overstock, Apple and iTunes. They are patiently and methodically targeting the folks who spend so much money that catching up on the expenditures will likely take months. YOU ARE NEXT Mr. UNTOUCHABLE and Brian Krebs warned you.
For this reason, make sure your incident response system is in place and that your security team is well versed in How to investigate Malware.