{"id":644638,"date":"2013-02-28T20:19:14","date_gmt":"2013-03-01T01:19:14","guid":{"rendered":"http:\/\/blog.ted.com\/?p=70428"},"modified":"2013-02-28T20:19:14","modified_gmt":"2013-03-01T01:19:14","slug":"how-to-spy-on-hackers-james-lyne-at-ted2013","status":"publish","type":"post","link":"https:\/\/mereja.media\/index\/644638","title":{"rendered":"How to spy on hackers: James Lyne at TED2013"},"content":{"rendered":"<div id=\"attachment_71855\" class=\"wp-caption aligncenter\" style=\"width: 910px\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-71855\" alt=\"Photos: James Duncan Davidson\" src=\"http:\/\/tedconfblog.files.wordpress.com\/2013\/02\/ted2013_0062788_dsc_8243.jpg?w=900&#038;h=590\" width=\"900\" height=\"590\" \/><\/p>\n<p class=\"wp-caption-text\">Photos: James Duncan Davidson<\/p>\n<\/div>\n<p>Cybersecurity specialist James Lyne takes the TED2013 stage to show us some of the\u00a0newest and nastiest creations that\u00a0cybercriminals have designed to steal data, make off with billions of dollars, watch people through their webcams and target\u00a0power and utility companies.\u00a0Every day, he says, about 250,000 new pieces of malware are created and\u00a030,000 websites infected.<\/p>\n<p>&#8220;People think that, if you get a computer virus, you&#8217;ve been on a porn site,&#8221; says Lyne, of the security firm\u00a0<a href=\"http:\/\/sophos.com\/\" >Sophos<\/a>. &#8220;Actually, statistically speaking, if you only visit porn sites you&#8217;re safer.&#8221; Shockingly,\u00a080% of infecting sites are actually small businesses or other legitimate enterprises that have themselves been infected.<\/p>\n<p>The world of malware is becoming commercialized. Cybercriminals now\u00a0advertise online, offering their services for $10 to $50 per hour. Lyne shows this video as an example.<\/p>\n<p><span class='embed-youtube' style='text-align:center; display: block;'><iframe class='youtube-player' type='text\/html' width='586' height='360' src='http:\/\/www.youtube.com\/embed\/c9MuuW0HfSA?version=3&#038;rel=1&#038;%23038;fs=1&#038;%23038;showsearch=0&#038;%23038;showinfo=1&#038;%23038;iv_load_policy=1&#038;%23038;wmode=transparent' frameborder='0'><\/iframe><\/span><\/p>\n<p>There are sites where you can test a virus to make sure it works before unleashing on the world, and sophisticated services for tracking your malware. Some of these services even offer customer support.<\/p>\n<p>So what are some ways to infect a computer with malware? In addition to the old &#8220;Hello, I&#8217;m a Nigerian banker,&#8221; you could, perhaps, walk into a corporate lobby with a copy of your resume soaked in coffee, and make a sad face and ask the receptionist to plug in a\u00a0USB key and print you a new copy. Or perhaps you can target a website that has an insecure comments section; anyone who visits the page will then be infected. And there&#8217;s a\u00a0new tactic that Lyne has noticed &#8212; creating a virus that pops open a fake anti-virus protection software window on a person&#8217;s screen. By clicking the button, not only does a person give a hacker access to their computer, but might even pay for the .<\/p>\n<p>So many stories about cybercrime are terrifying. But Lyne has a success story to share &#8212; a time he was able to track the group of cybercriminals behind the <a href=\"http:\/\/nakedsecurity.sophos.com\/koobface\/\">Koobface malware<\/a>. This group didn&#8217;t protect their malicious code, which was written to send each of them a text message daily to show them how much money they&#8217;d accumulated. In other words, Lyne&#8217;s team had their phone numbers. From there, he could tell they were located in Russia.<\/p>\n<p>Because many smartphones\u00a0embed GPS data about where photo is taken, Lyne was able to find the hackers&#8217; exact location through photos they uploaded to Flickr. From there, Lyne&#8217;s team generated a 27-page report filled with information about this group \u2014 including an ad one of them had posted for the sale of kittens, shots from a fishing trip, a photo of their office on the third floor of a building and images from the office Christmas party. He eventually even found their bank accounts.<\/p>\n<p>Sadly, Lyne reveals that this report wasn&#8217;t enough to bring these hackers to justice. Most laws pertaining to cybercrime are national, and because there is no common definition between countries, this group is still at large.<\/p>\n<p>Lyne stresses that, for the time being, the onus is on individuals to protect themselves by creating different passwords for different websites and using basic internet safety protocols. For example, don&#8217;t upload smartphone photos to an online dating site &#8211;\u00a0Lyne has found that 60% of photos there contain location data. But vulnerabilites can be even more subtle than that.\u00a0As you move through the world, using your phone to connect to wireless networks Lyne warns that you are &#8220;beaming a list of the wireless networks you&#8217;ve previously connected to.&#8221;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-71854 aligncenter\" alt=\"TED2013_0063217_D41_2030\" src=\"http:\/\/tedconfblog.files.wordpress.com\/2013\/02\/ted2013_0063217_d41_2030.jpg?w=900&#038;h=576\" width=\"900\" height=\"576\" \/>Lyne collected data on the TED2013 audience by tracing these signals:<\/p>\n<ul>\n<li>23% had been to Starbucks recently<\/li>\n<li>46% could be linked to a specific business<\/li>\n<li>761 could be traced to a specific hotel<\/li>\n<li>And 234 could be traced to coordinates of their homes<\/li>\n<\/ul>\n<p>&#8220;As we play with these shiny new toys, how much are we trading off convenience over privacy and security?&#8221; asks Lyne.\u00a0&#8221;The internet is a fantastic resource for business,\u00a0art and\u00a0learning.\u00a0Help me and the security community make life much more difficult for cybercriminals.&#8221;<\/p>\n<p>  <a rel=\"nofollow\" href=\"http:\/\/feeds.wordpress.com\/1.0\/gocomments\/tedconfblog.wordpress.com\/70428\/\"><img decoding=\"async\" alt=\"\" border=\"0\" src=\"http:\/\/feeds.wordpress.com\/1.0\/comments\/tedconfblog.wordpress.com\/70428\/\" \/><\/a> <img loading=\"lazy\" decoding=\"async\" alt=\"\" border=\"0\" src=\"http:\/\/stats.wordpress.com\/b.gif?host=blog.ted.com&#038;blog=14795620&#038;%23038;post=70428&#038;%23038;subd=tedconfblog&#038;%23038;ref=&#038;%23038;feed=1\" width=\"1\" height=\"1\" \/><img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/feeds.feedburner.com\/~r\/TEDBlog\/~4\/ed45Jc5eWgs\" height=\"1\" width=\"1\"\/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Photos: James Duncan Davidson Cybersecurity specialist James Lyne takes the TED2013 stage to show us some of the\u00a0newest and nastiest creations that\u00a0cybercriminals have designed to steal data, make off with billions of dollars, watch people through their webcams and target\u00a0power and utility companies.\u00a0Every day, he says, about 250,000 new pieces of malware are created and\u00a030,000 [&hellip;]<\/p>\n","protected":false},"author":7344,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-644638","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/644638","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/users\/7344"}],"replies":[{"embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/comments?post=644638"}],"version-history":[{"count":0,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/posts\/644638\/revisions"}],"wp:attachment":[{"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/media?parent=644638"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/categories?post=644638"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mereja.media\/index\/wp-json\/wp\/v2\/tags?post=644638"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}