The malware business

David Emm, Kaspersky Lab


The threat landscape has changed significantly in recent years. Until a few years ago, viruses and other malicious programs tended to be isolated acts of computer vandalism, anti-social self-expression using hi-tech means. Most viruses confined themselves to infecting other disks or programs. And 'damage' was largely defined in terms of loss or corruption of data, or the failure of email servers under the load generated by malware epidemics. This has given way to the use of malicious code designed to make money illegally and the emergence and development of a 'dark economy' that supports it. This malware business is just the flip-side of the legitimate economy. Wherever there are opportunities to make money legitimately, there are always those who will seek to make money by illegitimate means. Cybercrime, then, is crime conducted using hi-tech means.

In place of the indiscriminate attacks of a few years ago, we now see strategic and targeted attacks on businesses, conducted using compromised zombie machines that have been taken over by cyber criminals. These collections of zombie machines - botnets - are used to harvest personal data, to carry out DDoS attacks and to mass-distribute spam. This malware ecosystem is complex, thriving and expanding on the back of e-commerce.

The new threat landscape represents a more determined adversary, yet this is still not fully understood. There is still a perception that malware is focused on causing disruption to corporate systems; and losses tend to be calculated on the impact to security systems. Today, cyber criminals have the same vested interest in our system up-time as we do: an interruption to our business is an interruption to their criminal business.

This presentation will outline the methods used by cyber criminals to compromise computers on the Internet, harvest personal data and make money illegally.

