Inside the World of Security Spy Versus Spy with McAfee Labs

    Slide Show

    Cyber Crime Hits Users at Home and On the Go

    Much of the battle between security vendors and cyber criminals takes place in a netherworld that is beyond the visibility of the average IT organization. But once in a while a report surfaces that shines a light on just how much work goes into trying to thwart attacks before they ever get launched.

    McAfee, a subsidiary of Intel, today released an “Analyzing Project Blitzkrieg, A Credible Threat” report that goes into significant detail about a possible scheme to launch a coordinated series of attacks against the banking industry, which may already be under way. The report essentially says that after much debate within the security community, McAfee Labs has determined that a Project Blitzkrieg threat made against U.S. banks is indeed credible.

    As such, McAfee is advising the rest of the IT security community to take some preventative steps to mitigate this particular threat. According to Ryan Sherstobitoff, a threats researcher for McAfee Labs, Project Blitzkrieg is another example of how targeted security attacks are coming. Sherstobitoff says that at this juncture it looks like the authors of this attack are scanning specific banking accounts to not only find out how vulnerable these accounts are to an attack, but also which accounts have the most amount of money in them. The organizations launching these attacks appear to be a loose coalition of cyber criminals and terrorists using variants of code acquired from the same original source, says Sherstobitoff.

    On a certain level, the potential threat that Project Blitzkrieg represents feels like the digital version of a “smash and grab.” The basic idea is to launch a coordinated series of attacks simultaneously against 30 major financial institutions. The goal was apparently to fly low enough under the security radar screen while still being able to enlist the aid of several cyber criminal organizations to launch the attack. Like most crimes, the more people involved, the harder it is to keep a secret, so it’s not all that surprising to see word of this potential threat spreading across the Internet.

    Whether the threat ever comes to fruition remains to be seen. But its discovery does serve to highlight the increasing sophistication of cyber criminals, which in turn requires more investment in security intelligence than ever because, as George Washington once observed, “There is nothing more necessary than good intelligence to frustrate a designing enemy, and nothing requires greater pains to obtain.”

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles