Malware gangs using 'KGB-tactics' to recruit tech grads

Hacksplotation


Organised crime is "grooming" a new generation of would-be cybercriminals using tactics which echo those used by the KGB to recruit operatives at the height of the cold war, according to a new blockbuster study by net security firm McAfee.

McAfee's second annual Virtual Criminology report sensationally claims that crime gangs are targeting academic high-fliers in much the way Soviet intelligence agencies recruited spies such as notorious traitor Kim Philby in the 1940s. The study, which we reckon might prove a plausible basis for the next Tom Clancy blockbuster, suggests that net savvy teens as young as 14 are being "attracted into cybercrime by the celebrity status of hi-tech criminals and the promise of making money without the risks associated with traditional crime".

The idea that young script kiddies dabble in illegality partly due to the publicity afforded to convicted virus writers, often wrongly described as tech geniuses who foiled experts in the mainstream press, has legs. As does the suggestion that high tech crimes often go undetected. But McAfee takes a flight of fancy when it talks about the "malware milkround".

A process by which organised crime is now "employing KGB-style tactics to ensnare the next generation of hackers and malware authors. Cybercriminals are actively approaching students and graduates of IT technology courses to recruit a fresh wealth of cyber skill to their ranks," McAfee breathlessly suggests.

Such a scenario has never been the subject of a criminal case and it beggars belief that infamous VXers, such as the Send Safe gang, would venture into Western Europe, where they would face arrest. Unfortunately there's more than enough criminal talent in Russia, other regions of eastern Europe and China to keep the malware industry going for years to come. ®


Other stories you might like

  • Google battles bots, puts Workspace admins on alert
    No security alert fatigue here

    Google has added API security tools and Workspace (formerly G-Suite) admin alerts about potentially risky configuration changes such as super admin passwords resets.

    The API capabilities – aptly named "Advanced API Security" – are built on top of Apigee, the API management platform that the web giant bought for $625 million six years ago.

    As API data makes up an increasing amount of internet traffic – Cloudflare says more than 50 percent of all of the traffic it processes is API based, and it's growing twice as fast as traditional web traffic – API security becomes more important to enterprises. Malicious actors can use API calls to bypass network security measures and connect directly to backend systems or launch DDoS attacks.

    Continue reading
  • Firefox kills another tracking cookie workaround
    URL query parameters won't work in version 102 of Mozilla's browser

    Firefox has been fighting the war on browser cookies for years, but its latest privacy feature goes well beyond mere cookie tracking to stop URL query parameters.

    HTML query parameters are the jumbled characters that appear after question marks in web addresses, like website.com/homepage?fs34sa3aso12knm. Sites such as Facebook and HubSpot use them to track users when links are clicked, and other websites like YouTube use them to enable certain site features too.

    On June 28, Firefox 102 released a feature that enables the browser to "mitigate query parameter tracking when navigating sites in ETP strict mode." ETP, or enhanced tracking protection, encompasses a variety of Firefox components that block social media trackers, cross-site tracking cookies, fingerprinting and cryptominers "without breaking site functionality," says Mozilla's ETP support page.

    Continue reading
  • Old school editor Vim hits version 9 with faster scripting language
    All of the famed user-friendliness and ease of use, but 'drastically' better performance

    Old school editor fans, rejoice: some two and a half years after version 8.2, Vim 9 is here with a much faster scripting language.

    Vim 9 has only a single big new feature: a new scripting language, Vim9script. The goal is to "drastically" improve the performance of Vim scripts, while also bringing the scripting language more into line with widely used languages such as JavaScript, TypeScript, and Java.

    The existing scripting language, Vimscript, remains and will still work. Only scripts beginning with the line vim9script will be handled differently. The syntax changes are relatively modest; the important differences are in things like local versus global variables and functions, and that functions defined with :def will be compiled before they are run. This allows many errors to be caught in advance, but more significantly, compiled functions execute from 10× to 1000× faster.

    Continue reading
  • Iceotope: No need to switch servers to swap air-cooled for liquid-cooled
    Standard datacenter kit just needs a few tweaks, like pulling off the fans

    Liquid cooling specialist Iceotope claims its latest system allows customers to easily convert existing air-cooled servers to use its liquid cooling with just a few minor modifications.

    Iceotope’s Ku:l Data Center chassis-level cooling technology has been developed in partnership with Intel and HPE, the company said, when it debuted the tech this week at HPE’s Discover 2022 conference in Las Vegas. The companies claim it delivers energy savings and a boost in performance.

    According to Iceotope, the sealed liquid-cooled chassis enclosure used with Ku:l Data Center allows users to convert off-the-shelf air-cooled servers to liquid-cooled systems with a few small modifications, such as removing the fans.

    Continue reading

Biting the hand that feeds IT © 1998–2022