Having heard that Kaspersky Lab, along with other cyber security outfits, was planning to launch the “Cyber Secure America Coalition,” we wondered if Eugene Kaspersky would mention the Coalition during his keynote address at the International Engagement on Cyber 2013 at Gaston Hall at Georgetown University.
The animated Russian CEO and IT security expert did not mention the new coalition in his presentation last week (you can read the press release here), but he did deliver an entertaining – and somewhat discomforting – talk on computer viruses and the havoc that has been wrought, and will be wrought by malicious software … the origin of which may or may not be betrayed by the language in which the source code is written.
For example – that August 2003 blackout in New York City that left residents and tourists sweating in the dark without access to cash from ATM machines or lighting in the stairwells of buildings that no longer had working elevators?
Based on his research, Kaspersky believes that malware infected computers linked to the power grid. This caused internal applications to crash, and that’s when the trouble began. He also described a cyber attack on Estonia, a small but very connected country. Kaspersky described how the attack shut down the Internet for the entire country and why he believes Russian criminals are to blame.
So what do cyber attacks, malware and viruses have to do with domains – especially new, generic top-level domains?
The best example of the connection may be phishing attacks. Cybercriminals create fake websites that contain the name of a legitimate, trusted company or organization – often a financial institution – and trick users into visiting them and even providing personal information. This happens constantly. Take, for example, this recent phishing attempt that, as Softpedia reports, leverages the popular social media platform, Facebook:
“Researchers from security firm Trend Micro have come across a piece of malware, TSPY_MINOCDO.A, that’s designed to modify local HOST files and monitor browser activity in an effort to redirect victims to a bogus Facebook security check page.
The malware, which is executed every time the computer starts, waits for the user to visit facebook.com or www.facebook.com. When one of the addresses is detected, victims are redirected to a page which informs them that ‘Security checks help keep Facebook trustworthy and free of spam.’”
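The hosts-file tampering described in the quoted report is something a defender can check for directly. The following Python code is an added example, not code from Trend Micro, Softpedia or this post; the function name `audit_hosts`, the sample hosts content and the 203.0.113.x documentation addresses are constructed for illustration.

```python
import ipaddress

# Hostnames named in the quoted report; extend with other sites worth watching.
WATCHED = {"facebook.com", "www.facebook.com"}

# Constructed sample hosts file (addresses are from the TEST-NET-3 documentation range).
SAMPLE = """\
# Constructed sample hosts file
127.0.0.1   localhost
::1         localhost
203.0.113.10  facebook.com www.facebook.com   # override of a public site
0.0.0.0     ads.example.com
# 203.0.113.11 www.facebook.com  (commented out, must be ignored)
127.0.0.1   WWW.FACEBOOK.COM.
"""

def audit_hosts(text, watched=WATCHED):
    """Return (line_no, address, hostname, verdict) for every watched-name override."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()      # strip comments and whitespace
        fields = entry.split()
        if len(fields) < 2:
            continue                              # blank line or no hostname
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # first field is not an IP address
        for name in fields[1:]:                   # one line may carry several names
            host = name.lower().rstrip(".")       # names are case-insensitive
            if host not in watched:
                continue
            # A loopback/unspecified address only blocks the site locally;
            # any other address sends the browser to a different server.
            local = addr.is_loopback or addr.is_unspecified
            verdict = "blocked-locally" if local else "redirected"
            findings.append((line_no, str(addr), host, verdict))
    return findings

if __name__ == "__main__":
    for line_no, addr, host, verdict in audit_hosts(SAMPLE):
        print(f"line {line_no}: {host} -> {addr} ({verdict})")
```

Any "redirected" finding for a public site is worth investigating, since a clean hosts file normally has no reason to pin such names to an address.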
With the launch of new top-level domains, cyberspace will expand – increasing the opportunity for innovative business models AND bad actors to create deceptive website names and launch malware and phishing attacks in open, generic gTLDs.