Tuesday, March 29, 2011

Cybercrime: an easy-entry career, Part II

It looks like the Incognito 2.0 command and control system for managing cyber criminal networks is alive and well (and under a new name, being ripped off from a previous system called Fragus)…and and available for budding crooks. The Networkworld article calls this an exploit-as-a-service capability. Incognito 2.0 appears to embody several principles of The Perfect Virus:

  1. Oversight (principle #1), a CCS dashboard
  2. Prosumption (principle #11), intended for use by "professionals"
  3. Stealth (principle #14), obviously
  4. Team Isolation (principle #16)
I don't know for sure, as I've not spent any time with the actual tool kit, but there may be other features that qualify for categorization in The Perfect Virus topology. The Securealert blog has screen shots, and a comment identifying other CCS cybercrime systems (Bomba and Blackhole). But since it's not the purpose of this blog to be a tutorial on cybercrime, I'll leave researching these toolkits to others. 

My point in bring this up at all has to do with the obvious justification for legalizing cyber privateers. Simply, the bad guys have turned cybercrime into a cottage industry.

It's time to play whack-a-mole legally and, I believe, quite profitably.

No comments:

Post a Comment

Implementation suggestions for THE MORGAN DOCTRINE are most welcome. What are the "Got'chas!"? What questions would some future Cyber Privateering Czar have to answer about this in a Senate confirmation hearing?