16-11-2012, 06:01 PM
Communications & Virtual Commerce Risks
Communications & Virtual.ppt (Size: 8.27 MB / Downloads: 215)
Typical Online Issues
Identity theft
True name takeover
Account takeover
Hacking & Database Theft
Phishing, pharming & social engineering
Fake websites
Key loggers & password stealers
Virus attacks
Trojans
System reconfiguration attacks
Session hijacking
Man-in-the-middle attacks
Blackmail
A simple example
An SMS is sent to a vending machine.
The machine dispenses a can.
Cost of the drink is charged to caller’s account.
If no payment is made, the main loss is the value of the drink, not the value of the SMS message.
Key Online Countermeasures
Awareness - paramount
Firewalls and other security software
Virus detection
Secure website development
IP Penetration Testing
IPDR tracking
URL Fingerprinting
The Second Life example
3,700,000+ members
Evolved from online fantasy games
Contains its own commercial model
Operates its own currency (Linden$)
Ability to buy & develop real estate
Ability to sell ‘land’, goods & services
USD 450,000 in trades per day
Just the first of many…
Due Diligence Issues
Regulation
Is a virtual currency a real currency?
Isn’t a Virtual Life account really a ‘bank account’?
Taxation
Income Tax
Sales Tax
Book-keeping and audits
Are virtual holdings ‘assets’?
Are virtual debts ‘liabilities’?
Future Threats
VOCs could rapidly become both a tool and a target for terrorist organisations
There is a low technical barrier to entry for existing terrorist organisations and affiliates
There is a low ‘ethical’ barrier to entry for individuals who have previously never committed a criminal act
Specific Techniques
Mutation of existing techniques
Viruses & Virtual Trojans
Other virtual Malware
Password hacking
Virtual identity theft and account takeover
Emergence of new techniques
Virtual Grey Goo attacks
Virtual ‘nuclear’ attacks