Most effective private cybercrime fighters

Reference no: EM131040167

Fighting Botnets

FireEye (www.fireeye.com) is one of the world's most effective private cybercrime fighters. The company defends corporations and governments against targeted malicious software. FireEye's clients include Fortune 500 companies and members of the U.S. intelligence community. FireEye's software examines the entire lifecycle of malicious software: how the malware operates in a network, what the malware is looking for, which servers delivered the malware, and which control servers the malware receives its orders from. Since 2005, FireEye has deflected some of the world's most destructive online attacks, including:

• Aurora, the attack originating in China that targeted Google and other technology firms in 2009;
• Coreflood, the botnet that had been stealing millions of dollars from global bank accounts since the mid-2000s and possibly earlier;
• Zeus, a program that used personal information to steal hundreds of millions of dollars from financial institutions in 2007.

To understand why FireEye is so effective, consider its confrontation with the Rustock botnet.

Rustock was the most advanced botnet ever released onto the Web. It reeled people in by putting out spam that advertised fake drugs, online pharmacies, and Russian stocks. Then, from 2007 to 2011, Rustock quietly and illegally took control of more than a million computers around the world. Symantec, a computer security company, found that Rustock generated as many as 44 billion spam e-mails per day, nearly half of the total number of junk e-mails sent per day worldwide. Profits generated by Rustock were estimated to be in the millions of dollars.

For months, FireEye collaborated with Microsoft and Pfizer to plot a counterattack. Microsoft and Pfizer became involved because Rustock was selling fake Viagra, a Pfizer product, as well as sham lotteries using the Microsoft logo. Working from FireEye's intelligence, in March 2011 U.S. Marshals stormed seven Internet data centers across the United States where Rustock had hidden its 96 command servers. Microsoft lawyers and technicians and computer forensics experts also participated in the raids. A team deployed to the Netherlands confiscated two additional Rustock command servers.

Although the operation was executed flawlessly, Rustock was able to fight back. From an unknown location, the botmaster (the person or persons controlling the bots, or zombie computers) remotely sneaked back into its network, locked out Microsoft's technicians, and began to erase files. Clearly, the Rustock masterminds did not want anyone to discover the information contained inside their hard drives. After some difficulty, the Microsoft technicians were able to regain control of the servers. However, the data that were erased in the 30 minutes that the Microsoft technicians required to regain control of their servers may be lost forever. As FireEye and its partner companies analyzed Rustock's equipment, they discovered that much of it was leased to customers with addresses in the Asian nation of Azerbaijan, which shares a border with Russia. Forensic analysis of the captured servers pointed Rustock's opponents to Moscow and St. Petersburg.

Rustock had used the name Cosma2k to conduct business on the Internet, and it maintained a WebMoney account (www.webmoney.com) under the name Vladimir Alexandrovich Shergin. No one knows whether Shergin was a real name or an alias. However, WebMoney was able to inform investigators that "Shergin" had listed an address in a small city outside Moscow. On April 6, 2011, Microsoft delivered its first status report in its lawsuit against Rustock to the federal court in Seattle (Microsoft headquarters). Then, on June 14, Microsoft published notices in Moscow and St. Petersburg newspapers, detailing its allegations against the botnet spammer. The notices urged the perpetrators of Rustock to respond to the charges or risk being declared guilty. Microsoft also offered (and is still offering) $250,000 for information about the identity of the person or persons operating the botnet. Unfortunately, the Rustock perpetrators have still not been caught, and security experts believe that more than 600,000 computers around the world are still infected with Rustock malware.

Questions

1. Describe why it was so important for law enforcement officials to capture all 96 Rustock command servers at one time.

2. If the perpetrators of Rustock are ever caught, will it be possible to prove that the perpetrators were responsible for the malware? Why or why not? Support your answer.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd